Why This Cheat Sheet Matters for AZ-900
This cheat sheet covers the most important Azure Governance concepts tested on the AZ-900 (Azure Fundamentals) certification exam. It contains 3 sections with 12 key points that you should memorize before exam day. Understand Azure Policy, Azure Blueprints, resource locks, Microsoft Purview, and compliance tools like Trust Center and Service Trust Portal. Use this as a quick-reference guide during your final review sessions.
Azure Policy
- Enforces organizational standards and assesses compliance at scale.
- Policies can audit, deny, or remediate non-compliant resources.
- Initiative definitions group multiple policies together.
- Policies are inherited through the management group hierarchy.
Resource Protection
- Resource locks prevent accidental deletion or modification.
- Delete lock: allows read and modify, prevents deletion.
- ReadOnly lock: allows read only, prevents modification and deletion.
- Locks are inherited by child resources.
Compliance
- Microsoft Purview provides data governance across your data estate.
- Azure Blueprints packages ARM templates, policies, RBAC, and resource groups.
- Service Trust Portal provides audit reports and compliance documentation.
- Trust Center contains information about Microsoft security, privacy, and compliance.
Practice Governance Questions
Put your knowledge to the test with practice questions.
Azure Quick Reference Tips
Azure services follow consistent naming patterns that help with exam recall. Resource Manager (ARM) templates use JSON, while Bicep provides a cleaner DSL for infrastructure as code. Remember that Azure resources are organised in a hierarchy: Management Groups → Subscriptions → Resource Groups → Resources.