πŸ”’ Guided

Pre-launch preview. Authorised access only.

Incorrect code

Guided by A Guide to Cloud
Explore AB-900 AI-901
Guided AZ-305 Domain 4
Domain 4 β€” Module 6 of 12 50%
24 of 30 overall

AZ-305 Study Guide

Domain 1: Design Identity, Governance, and Monitoring Solutions

  • Monitoring & Logging Design
  • Choosing Authentication Methods
  • Designing Identity Management
  • Authorizing Access to Resources
  • Secrets, Keys & Certificates
  • Governance at Scale
  • Compliance & Identity Governance

Domain 2: Design Data Storage Solutions

  • Relational Data: Choosing Your SQL Platform
  • Database Performance & Scalability
  • Database Security & Compliance
  • Cosmos DB & Semi-Structured Data
  • Blob, Data Lake & Azure Files
  • Data Integration & Analytics

Domain 3: Design Business Continuity Solutions

  • Recovery Objectives: RPO, RTO & SLA Free
  • Backup & Recovery for Compute Free
  • Backup for Databases & Unstructured Data Free
  • High Availability for Compute Free
  • High Availability for Data Free

Domain 4: Design Infrastructure Solutions

  • Compute Design: VMs & When to Use Them
  • Container Solutions: AKS, ACI & Container Apps
  • Serverless & Batch Processing
  • Messaging Architecture
  • Event-Driven Architecture
  • API Integration & Caching
  • App Configuration & Automated Deployment
  • Migration Strategy & Assessment
  • Executing Migrations
  • Network Connectivity: Internet & Hybrid
  • Network Security & Performance
  • Load Balancing & Routing

AZ-305 Study Guide

Domain 1: Design Identity, Governance, and Monitoring Solutions

  • Monitoring & Logging Design
  • Choosing Authentication Methods
  • Designing Identity Management
  • Authorizing Access to Resources
  • Secrets, Keys & Certificates
  • Governance at Scale
  • Compliance & Identity Governance

Domain 2: Design Data Storage Solutions

  • Relational Data: Choosing Your SQL Platform
  • Database Performance & Scalability
  • Database Security & Compliance
  • Cosmos DB & Semi-Structured Data
  • Blob, Data Lake & Azure Files
  • Data Integration & Analytics

Domain 3: Design Business Continuity Solutions

  • Recovery Objectives: RPO, RTO & SLA Free
  • Backup & Recovery for Compute Free
  • Backup for Databases & Unstructured Data Free
  • High Availability for Compute Free
  • High Availability for Data Free

Domain 4: Design Infrastructure Solutions

  • Compute Design: VMs & When to Use Them
  • Container Solutions: AKS, ACI & Container Apps
  • Serverless & Batch Processing
  • Messaging Architecture
  • Event-Driven Architecture
  • API Integration & Caching
  • App Configuration & Automated Deployment
  • Migration Strategy & Assessment
  • Executing Migrations
  • Network Connectivity: Internet & Hybrid
  • Network Security & Performance
  • Load Balancing & Routing
Domain 4: Design Infrastructure Solutions Premium ⏱ ~18 min read

API Integration & Caching

Azure API Management, Azure Cache for Redis, CDN, and Front Door β€” design API layers that are secure, performant, and cost-efficient.

API and caching design

β˜• Simple explanation

API Management is the front door to your APIs. It handles authentication, rate limiting, transformation, and analytics β€” so your backend services focus on business logic.

Caching is the shortcut. Instead of computing the same result 1,000 times, compute it once and cache the answer. Azure Cache for Redis handles in-memory caching. Azure CDN and Front Door cache content at edge locations close to users.

API and caching architecture covers:

  • Azure API Management (APIM): API gateway, developer portal, policy engine, analytics
  • Azure Cache for Redis: In-memory data store for session state, caching, leaderboards, pub/sub
  • Azure CDN / Front Door: Edge caching for static content and global load balancing

Azure API Management

FeatureWhat It Does
API GatewaySingle entry point β€” routes requests to backend services
PoliciesTransform requests/responses, authenticate, rate-limit, cache, validate
Developer PortalSelf-service portal for API consumers (docs, try-it, API keys)
ProductsGroup APIs with usage quotas and terms β€” publish to specific audiences
AnalyticsRequest volume, latency, errors, geographic distribution

APIM tiers

API Management Tiers
FactorConsumptionDeveloperStandard v2Premium v2
ScalingServerless (auto)1 unitConfigurable unitsConfigurable units
SLA99.95%No SLA99.95%99.99%
VNet integrationNoYesOutbound VNet integrationVNet injection (full inbound+outbound)
Multi-regionNoNoNoNo (classic Premium required)
Self-hosted gatewayNoYes (for dev/test)NoNo
CostPay per call~$50/mo~$300+/mo~$3,000+/mo
Best forLow traffic, serverless APIsDev/testProduction single-regionEnterprise, VNet isolation

πŸš€ Marcus’s APIM design: NovaSaaS exposes APIs to partners:

  • Standard v2 tier with outbound VNet integration
  • OAuth 2.0 validation policy β€” validates JWT tokens from partner Entra ID apps
  • Rate limiting β€” 1,000 requests/minute per partner
  • Response caching policy β€” cache GET responses for 5 minutes (reduces backend load by 80%)

Azure Cache for Redis

Use CaseDescriptionPattern
Data cachingCache database query resultsApp checks cache first β†’ hit = return cached, miss = query DB + cache result
Session stateStore user sessions across web farmCentralised session store β€” all instances share session data
Message brokerLightweight pub/subRedis pub/sub for real-time notifications
Distributed lockPrevent concurrent processingRedis SETNX for cross-instance coordination

Redis tiers

TierMemoryHABest For
Basic250 MB - 53 GBNo SLA, no replicationDev/test
Standard250 MB - 53 GBPrimary + replica (99.9% SLA)Production caching
Premium6 GB - 120 GBClustering, geo-replication, VNet, persistenceEnterprise, high throughput
Enterprise12 GB - 2 TBRedis Enterprise features, active geo-replicationMission-critical, multi-region

CDN and Front Door

Azure CDN vs Azure Front Door
FactorAzure CDNAzure Front Door
Primary purposeStatic content caching at edgeGlobal load balancing + WAF + caching
RoutingSimple (origin-based)Advanced (URL path, header, geography)
WAFNo β€” use Front Door for WAFFull WAF with custom rules and bot protection
SSL offloadingYesYes + custom domain certificates
CachingStatic content (images, CSS, JS)Static + dynamic content caching
Health probesYesYes + fast failover
Best forStatic websites, media deliveryGlobal applications needing WAF + routing + caching

🏦 Elena’s edge design:

  • Front Door Premium with WAF protecting all customer-facing APIs
  • Custom WAF rules blocking known attack patterns and geo-restricting to operating countries
  • Caching for API responses that don’t change per-user (product catalogs, exchange rates)
  • Private Link origin connection β€” backend services never exposed to the internet

Knowledge check

Question

When should you recommend Azure Front Door over Azure CDN?

Click or press Enter to reveal answer

Answer

When you need: global load balancing (not just caching), WAF with custom rules, advanced URL-based routing, or fast failover between backend origins. CDN is simpler and cheaper for static content delivery. Front Door is the full edge platform for global applications.

Click to flip back
Question

What's the most common caching pattern with Azure Cache for Redis?

Click or press Enter to reveal answer

Answer

Cache-aside pattern: Application checks cache first. On cache hit, return cached data. On cache miss, query the database, store result in cache (with TTL), and return data. This reduces database load by serving repeat queries from memory.

Click to flip back
Question

What are the main cache invalidation strategies and when to use each?

Click or press Enter to reveal answer

Answer

TTL-based: set an expiry time β€” simplest, accepts some staleness. Event-driven: invalidate cache when source data changes (via Event Grid or change notifications) β€” most accurate. Write-through: update cache and database simultaneously β€” ensures consistency but adds write latency. For most apps, TTL with event-driven invalidation for critical data is the balanced approach.

Click to flip back
Knowledge Check

πŸš€ NovaSaaS exposes APIs to 50 partner companies. Each partner needs rate limiting, JWT validation, and the ability to discover APIs through a self-service portal. Which service should Marcus use?
Knowledge Check

🏦 Elena's trading platform queries Azure SQL for account balances on every transaction. The database is overloaded at 90% DTU during peak hours. Balances change frequently and stale data could cause overdrafts. Which caching strategy should Elena recommend?

🎬 Video coming soon

Next up: Configuration and deployment automation β€” App Configuration & Automated Deployment.

← Previous

Event-Driven Architecture

Next β†’

App Configuration & Automated Deployment

Guided

I learn, I simplify, I share.

A Guide to Cloud YouTube Feedback

© 2026 Sutheesh. All rights reserved.

Guided is an independent study resource and is not affiliated with, endorsed by, or officially connected to Microsoft. Microsoft, Azure, and related trademarks are property of Microsoft Corporation. Always verify information against Microsoft Learn.