We are in the process of merging Microsoft Learning with Microsoft Learn, which will be complete by June 30, 2020. You’ll find all relevant training and certification information is now available on Microsoft Learn. For more information, refer to the FAQ.
In response to the coronavirus (COVID-19) situation, Microsoft is implementing several temporary changes to our training and certification program. Learn more.


Microsoft Azure logo

  • Published:
    November 30, 2017
  • Languages:
  • Audiences:
    IT professionals
  • Technology:
    Microsoft Azure
  • Credit toward certification:

Architecting Microsoft Azure Solutions 

This exam has been retired

For currently available options, please see the Microsoft Certification exam list.

Skills measured

This exam measures your ability to accomplish the technical tasks listed below. The percentages indicate the relative weight of each major topic area on the exam. The higher the percentage, the more questions you are likely to see on that content area on the exam. View video tutorials about the variety of question types on Microsoft exams.

Please note that the questions may test on, but will not be limited to, the topics described in the bulleted text.

Do you have feedback about the relevance of the skills measured on this exam? Please send Microsoft your comments. All feedback will be reviewed and incorporated as appropriate while still maintaining the validity and reliability of the certification process. Note that Microsoft will not respond directly to your feedback. We appreciate your input in ensuring the quality of the Microsoft Certification program.

If you have concerns about specific questions on this exam, please submit an exam challenge.

If you have other questions or feedback about Microsoft Certification exams or about the certification program, registration, or promotions, please contact your Regional Service Center.

There are exam updates effective as of March 22, 2018. To learn more about these changes and how they affect the skills measured, please download and review the Exam 535 change document.

IMPORTANT: Microsoft is making significant changes to this certification. To learn more, see the blog post on role-based certification on Microsoft Learning Community. As a result, exam 535 will be replaced with two new exams that cover the Azure Architect job role more extensively than this exam does. To support these changes, we are retiring exam 535 on December 31, 2018.

To learn more about these new exams and what they assess, visit:

If you have taken this exam and want to transition to the new Azure Architect certification, you should take Exam AZ-302: Microsoft Azure Solutions Architect Certification Transition.

Design Compute Infrastructure (20-25%)
  • Design solutions using virtual machines (VMs)
    • Design VM deployments by leveraging availability sets, fault domains, and update domains in Azure; use web app for containers; design VM Scale Sets; design for compute-intensive tasks using Azure Batch and Azure Batch AI; define a migration strategy from cloud services; determine when to use reserved instances; design for VMs in a DevTest Lab environment (including formulas, images, artifacts, claiming and un-claiming VMs); determine when to use Accelerated Networking; recommend use of Azure Backup and Azure Site Recovery including support for Linux in Azure Backup and integrating Azure Backup in the VM creation process; recommend when to use availability zones
  • Design solutions for serverless computing
    • Use Azure Functions to implement event-driven actions; design data storage solutions for serverless computing; design for serverless computing using Azure Container Instances; design application solutions by using Azure Logic Apps, Azure Functions, or both; determine when to use API management service; design event routing solutions using Azure Event Grid; design solutions that integrate stream processing and bot messaging
  • Design microservices-based solutions  
    • Determine when a container-based solution is appropriate; determine when container-orchestration is appropriate; determine when Azure Service Fabric (ASF) is appropriate; determine when Azure Functions is appropriate; determine when to use API management service; determine when Web API is appropriate; determine which platform is appropriate for container orchestration; consider migrating existing assets versus cloud native deployment; design lifecycle management strategies
  • Design web applications
    • Design Azure App Service Web Apps; design custom web API; secure Web API; design Web Apps for scalability and performance; design for high availability using Azure Web Apps in multiple regions; determine which App service plan to use; design Web Apps for business continuity; determine when to use Azure App Service Isolated; design for API apps; determine when to use API management service; determine when to use Web Apps on Linux; determine when to use a CDN; determine when to use a cache, including Azure Redis cache
  • Create compute-intensive applications
    • Design high-performance computing (HPC) and other compute-intensive applications using Azure Services; determine when to use Azure Batch; design stateless components to accommodate scale; design lifecycle strategy for Azure Batch; design solution that implement low priority batching and job task counting
Design Data Implementation (15-20%)
  • Design for Azure Storage solutions
    • Determine when to use Azure Blob Storage, blob tiers (hot, cool, archive), Azure Files, disks, Azure Data Box, Azure Storage Service Encryption, and Azure StorSimple
  • Design for Azure Data Services
    • Determine when to use Azure Data Catalog, Azure Data Factory, Azure SQL Data Warehouse, Azure Data Lake Analytics, Azure Analysis Services, and Azure HDInsight
  • Design for relational database storage
    • Determine when to use Azure SQL Database and SQL Server Stretch Database; design for scalability and features; determine when to use Azure Database for MySQL and Azure Database for PostgreSQL; design for HA/DR, geo-replication; design a backup and recovery strategy; design optimization strategies for Azure SQL Data Warehouse columnar storage
  • Design for NoSQL storage
    • Determine when to use Azure Redis Cache, Azure Table Storage, Azure Data Lake, Azure Search, Time Series Insights; design pipelines for managing recurring jobs
  • Design for CosmosDB storage
    • Determine when to use MongoDB API, Azure Cosmos DB SQL API, Graph API, Azure Tables API; design for cost, performance, data consistency, availability, and business continuity
Design Networking Implementation (15-20%)
  • Design Azure virtual networks
    • Design solutions that use Azure networking services: design for load balancing using Azure Load Balancer and Azure Traffic Manager; define DNS, DHCP, and IP strategies; determine when to use Azure Application Gateway; determine when to use virtual network (VNet) service endpoints; determine when to use multi-node application gateways, Traffic Manager and load balancers
  • Design external connectivity for Azure Virtual Networks
    • Determine when to use Azure VPN, Azure ExpressRoute and Virtual Network Peering architecture and design; determine when to use User Defined Routes (UDRs); determine when to use VPN gateway site-to-site failover for ExpressRoute; determine when to use the Container Networking Interface (CNI) plugin; design solutions that use Global VNet Peering
  • Design security strategies
    • Determine when to use network virtual appliances; design a perimeter network (DMZ); determine when to use a Web Application Firewall (WAF), Network Security Group (NSG), and virtual network service tunneling; organize resources by designing solutions that use service tags
  • Design connectivity for hybrid applications
    • Design connectivity to on-premises data from Azure applications using Azure Relay Service, Azure Data Management Gateway for Data Factory, Azure On-Premises Data Gateway, Hybrid Connections, or Azure Web App’s virtual private network (VPN) capability; identify constraints for connectivity with VPN; identify options for joining VMs to domains
Design Security and Identity Solutions (20-25%)
  • Design an identity solution
    • Design AD Connect synchronization; design federated identities using Active Directory Federation Services (AD FS); design solutions for Multi-Factor Authentication (MFA); design an architecture using Active Directory on-premises and Azure Active Directory (AAD); determine when to use Azure AD Domain Services; design security for Mobile Apps using AAD
  • Secure resources by using identity providers
    • Design solutions that use external or consumer identity providers such as Microsoft account, Facebook, Google, and Yahoo; determine when to use Azure AD B2C and Azure AD B2B; design mobile apps using AAD B2C or AAD B2B
  • Design a data security solution
    • Design data security solutions for Azure services; determine when to use Azure Storage encryption, Azure Disk Encryption, Azure SQL Database security capabilities, and Azure Key Vault; design for protecting secrets in ARM templates using Azure Key Vault; design for protecting application secrets using Azure Key Vault; design a solution for managing certificates using Azure Key Vault; design solutions that use Azure AD Managed Service Identity
  • Design a mechanism of governance and policies for administering Azure resources
    • Determine when to use Azure RBAC standard roles and custom roles; define an Azure RBAC strategy; determine when to use Azure resource policies; determine when to use Azure AD Privileged Identity Management; design solutions that use Azure AD Managed Service Identity; determine when to use HSM-backed keys
  • Manage security risks by using an appropriate security solution
    • Identify, assess, and mitigate security risks by using Azure Security Center, Operations Management Suite Security and Audit solutions, and other services; determine when to use Azure AD Identity Protection; determine when to use Advanced Threat Detection; determine an appropriate endpoint protection strategy
Design Solutions by using Platform Services (10-15%)
  • Design for Artificial Intelligence Services
    • Determine when to use the appropriate Cognitive Services, Azure Bot Service, Azure Machine Learning, and other categories that fall under cognitive AI
  • Design for IoT
    • Determine when to use Azure Stream Analytics, Azure IoT Hubs, Azure Event Hubs, real-time analytics, Azure Time Series Insights, Azure IoT Edge, Azure Notification Hubs, Event Grid, and other services that fall under IoT
  • Design messaging solution architectures
    • Design a messaging architecture; determine when to use Azure Storage Queues, Azure Service Bus, Azure Event Hubs, Azure Event Grid, Azure Relay, Azure Functions, and Azure Logic Apps; design a push notification strategy for Mobile Apps; design for performance and scale
  • Design for media service solutions
    • Define solutions using Azure Media Services, video indexer, video API, computer vision API, preview, and other media related services; design solutions that use file-based encoding or Azure Media Analytics
Design for Operations (10-15%)
  • Design an application monitoring and alerting strategy
    • Determine the appropriate Microsoft products and services for monitoring applications on Azure; define solutions for analyzing logs and enabling alerts using Azure Log Analytics; define solutions for analyzing performance metrics and enabling alerts using Azure Monitor; define a solution for monitoring applications and enabling alerts using Application Insights
  • Design a platform monitoring and alerting strategy
    • Determine the appropriate Microsoft products and services for monitoring Azure platform solutions; define a monitoring solution using Azure Health, Azure Advisor, and Activity Log; define a monitoring solution for Azure Networks using Log Analytics and Network Watcher service; monitor security with Azure Security Center; design TCP connections
  • Design an operations automation strategy
    • Determine when to use Azure Automation, Chef, Puppet, PowerShell, Azure Automation (DSC), Event Grid, and Azure Logic Apps; define a strategy for auto-scaling; define a strategy for enabling periodic processes and tasks; define an update management strategy

Preparation options

Online training
Instructor-led training
Practice test

Take a Microsoft Official Practice Test for exam 70-535

Beginning in April 2017, over time, practice tests will become available in multiple languages, including Spanish, Chinese (Simplified), Chinese (Traditional), French, German, Japanese, Portuguese (Brazil), and Russian. To see when a specific language is offered for this practice test, please check back.


Exam Ref 70-535 Architecting Microsoft Azure Solutions
Published: May 10, 2018

The Exam Ref is the official study guide for Microsoft certification exams. Featuring concise, objective-by-objective reviews and strategic case scenarios and Thought Experiments, exam candidates get professional-level preparation for the exam. The Exam Ref helps candidates maximize their performance on the exam and sharpen their job-role skills. It organizes material by the exam's objective domains. This Exam Ref is a complete guide for the 70-535 exam covering architecting cloud solutions on Azure including all aspects of designing and creating a strategy for a complete solution leveraging the Microsoft Azure Cloud. This includes Azure Resource Manager (ARM) templates, Networking, Security, application storage and data access, advanced applications, web and mobile apps, compute infrastructure, and managing, monitoring and creating a business continuity strategy.

Buy this book at the Microsoft Press Store

Microsoft Press books and eBooks are available for preorder within 90 days of the book’s publication date.


Who should take this exam?

Candidates for this exam define the appropriate cloud native, cloud migration, and hybrid cloud solutions to meet the required functional, operational, and deployment requirements through the solution lifecycle. Candidates should know the features and capabilities of Azure services to be able to identify tradeoffs and make decisions for designing public and hybrid cloud solutions.

The candidate should understand DevOps technologies, provisioning Azure resources using ARM templates, and designing highly resilient workloads running on Azure.

More information about exams

Preparing for an exam

We recommend that you review this exam preparation guide in its entirety and familiarize yourself with the resources on this website before you schedule your exam. See the Microsoft Certification exam overview for information about registration, videos of typical exam question formats, and other preparation resources. For information on exam policies and scoring, see the Microsoft Certification exam policies and FAQs.


This preparation guide is subject to change at any time without prior notice and at the sole discretion of Microsoft. Microsoft exams might include adaptive testing technology and simulation items. Microsoft does not identify the format in which exams are presented. Please use this preparation guide to prepare for the exam, regardless of its format. To help you prepare for this exam, Microsoft recommends that you have hands-on experience with the product and that you use the specified training resources. These training resources do not necessarily cover all topics listed in the "Skills measured" section.