AZ-204 Cheat Sheet 2026: Azure Developer Quick Reference

This cheat sheet is optimized for the AZ-204 (Developing Solutions for Microsoft Azure) exam syllabus (current for 2026). It focuses on the specific “Skills Measured” and high-probability exam topics.

1. Compute Solutions (25-30%)

Azure App Service

• App Service Plans (ASP):
  • Free/Shared: Dev/Test only. No SLA. No custom domains (Free).
  • Basic: Manual scale only. Custom domains + SSL.
  • Standard: Production starts here. Auto-scale, Staging slots (5), Daily backups.
  • Premium (V2/V3): Higher scale, faster processors, Zone Redundancy.
  • Isolated: Dedicated hardware, VNET isolation (App Service Environment – ASE).
• Deployment Slots:
  • Swap types: Blue/Green deployment.
  • Auto-swap: Happens automatically after warmup.
  • Traffic Routing: Can route x% of traffic to a slot (Canary testing).
  • Exam Tip: Settings that swap: Connection strings, App settings (unless “Slot Setting” checked), Handler mappings. Settings that don’t swap: Publish endpoints, Custom domain names, SSL certificates, Scale settings.

Azure Functions

• Hosting Plans:
  • Consumption: Serverless. Pay-per-execution. Cold starts exist. Timeout: 5 min (max 10).
  • Premium: Pre-warmed instances (no cold start). VNET connectivity. Unlimited execution duration (technically).
  • Dedicated (App Service Plan): Predictable cost. Run on same VM as Web App.
• Triggers & Bindings:
  • Trigger: Starts the function (only 1 per function).
  • Input/Output Binding: Connects data (e.g., write to Blob without SDK code).
  • Exam Tip: If you need to read a blob, process it, and write to Cosmos DB without writing connection code, use Bindings.
• Durable Functions: State management in serverless.
  • Orchestrator: Defines workflow (must be deterministic: no DateTime.Now, no Guid.NewGuid()).
  • Activity: Performs the actual work.
  • Patterns: Function Chaining, Fan-out/Fan-in, Async HTTP APIs (Polling), Monitor.

Container Solutions

• Azure Container Instances (ACI): “Pod as a Service.” Fast burst, simple, per-second billing. No orchestration.
  • Use case: Scheduled task, simple sidecar, rapid testing.
• Azure Kubernetes Service (AKS): Full orchestration.
  • Nodes: Virtual Machines (you manage OS updates unless auto-upgrade on).
  • Pods: Apps running in containers.
• Azure Container Apps (ACA): Built on K8s but serverless (KEDA + Envoy).
  • Key Feature: Scale to Zero (cost effective).
  • Revisions: Manage versions of container apps.

2. Azure Storage (15-20%)

Cosmos DB

• APIs: NoSQL (Core/SQL), MongoDB, Cassandra, Gremlin (Graph), Table.
• Partition Keys: Crucial for scaling. Must be unique and have high cardinality.
  • Synthetic Keys: Combine properties (e.g., City-Date) to avoid “Hot Partitions.”
• Consistency Levels (Strongest to Weakest):
  1. Strong: Linearizability. Reads guarantee latest write. High latency, lower availability.
  2. Bounded Staleness: Lag defined by time (e.g., 5 mins) or versions (e.g., 100 updates).
  3. Session: (Default) Consistent within a single client session. “Read your own writes.”
  4. Consistent Prefix: No out-of-order writes seen.
  5. Eventual: Lowest latency, highest availability. Data converges eventually.

Blob Storage

• Access Tiers:
  • Hot: Frequent access. Highest storage cost, lowest access cost.
  • Cool: Infrequent access (stored > 30 days). Lower storage cost, higher access cost.
  • Archive: Rare access (stored > 180 days). Offline (Rehydrate takes hours).
• Lifecycle Management: JSON rules to auto-move data (Hot -> Cool -> Archive -> Delete).
• Metadata: Key-value pairs attached to blobs (Case-insensitive keys).

3. Azure Security (15-20%)

Authentication vs. Authorization

• AuthN (Who are you?): Entra ID (Azure AD).
• AuthZ (What can you do?): RBAC.

Microsoft Identity Platform

• Service Principal: Identity for an application/service.
• Managed Identities (MI):Exam Favorite
  • System-Assigned: Tied to resource lifecycle (delete VM -> identity dies). 1:1 relationship.
  • User-Assigned: Independent lifecycle. Can be assigned to multiple resources (N:M).
• MSAL (Microsoft Authentication Library): Library to acquire tokens. Replaces ADAL.

Shared Access Signatures (SAS)

• User Delegation SAS: Secured by Entra ID credentials. (Best practice).
• Service SAS: Secured by Storage Account Key.
• Account SAS: Grant access to service, container, and object levels.
• Parameters: sv (version), st (start time), se (expiry), sp (permissions – r/w/d/l).

Key Vault

• Secrets: Passwords, connection strings.
• Keys: Encryption keys.
• Certificates: SSL/TLS management.
• Access Policies: Legacy way to grant access (permissions on specific verbs like Get, List).
• RBAC: Modern way (control plane + data plane).

4. Monitoring & Optimization (5-10%)

Azure Monitor & Application Insights

• Application Insights: APM (Application Performance Management).
  • Telemetry: Requests, Exceptions, Dependencies, Traces.
  • Availability Tests: Ping endpoint from around the world (URL Ping test).
  • Distributed Tracing: visualize flow across microservices.
• Instrumentation Key: Used to connect app to App Insights resource.

Caching (Redis)

• Cache-Aside Pattern: App checks cache -> if miss, read DB -> update cache -> return.
  • Pros: Cache only contains requested data. Resilient to cache failure.
• Eviction Policies:
  • LRU (Least Recently Used): Default.
  • TTL (Time To Live): Key expiration.

5. Integration / Messaging (20-25%)

“The Messaging Decision Tree” (Critical for Exam)

Feature	Event Grid	Event Hubs	Service Bus
Concept	Reactive (Notification)	Big Data Pipeline (Streaming)	Enterprise Messaging
Data Type	Events (Lightweight, “Something happened”)	Series (Telemetry, Logs)	Messages (High value, Payload)
Communication	Push-Push	Pull (Partitioned consumer)	Pull (Polled)
Ordering	Not guaranteed	Guaranteed within partition	Guaranteed (FIFO) with Sessions
Key Features	System Events, Webhooks, Filters	Capture (save to Blob), High Throughput	Transactions, Dead Letter Queue, Duplicate Detection
Use Case	“Resize image when blob uploaded”	“Log 1M clicks/sec from mobile app”	“Process financial order payment”

API Management (APIM)

• Policies: XML-based rules (Inbound, Backend, Outbound, On-error).
  • Common Policies: Rate Limit (Throttling), Quota (Total calls/month), Validate JWT, caching-policies.
  • Scopes: Global -> Product -> API -> Operation.

6. Quick Code / CLI Snippets to Recognize

• Cosmos DB (.NET SDK):
  • CosmosClient -> GetContainer -> CreateItemAsync / ReadItemAsync.
  • Query: GetItemQueryIterator<T>("SELECT * FROM c WHERE...").
• Azure CLI:
  • az webapp up (Quick deploy).
  • az group create --name rg1 --location eastus.
  • az acr build (Build container in Azure).
• Docker:
  • FROM (Base image), WORKDIR (Set dir), COPY (Add files), CMD / ENTRYPOINT (Run command).

Exam Day Strategy

1. Case Studies: Read the Question first, then scan the requirements. Don’t read the whole wall of text.
2. Keywords:
   • “Decouple” = Service Bus or Storage Queue.
   • “Millions of events/sec” = Event Hubs.
   • “React to change” / “Serverless trigger” = Event Grid.
   • “Lift and Shift” = IaaS (VM) or App Service Containers.
   • “Global Distribution” + “Low Latency” = Cosmos DB.

The AZ-204 exam is dense. This is first part which covers the “Big Ticket” items, but the exam often tests you on the specific differences between similar services and specific SDK implementation details. You can get the full cheat sheet & Real exam questions https://skillcertpro.com/product/developing-solutions-for-microsoft-azure-az-204-practice-exam-test/

AZ-204 Cheat Sheet 2026: Azure Developer Quick Reference