Create and configure virtual machines (VMs)
📘Microsoft Certified: Azure Administrator Associate (AZ-104)
1. What Is an Azure Virtual Machine?
A Virtual Machine (VM) in Azure is a software-based computer that runs in the cloud. You can install operating systems, applications, development tools, or server workloads just like on a physical system in an office.
VMs are commonly used for:
- Running applications
- Hosting websites or databases
- Testing environments
- Running internal company services (e.g., file servers, domain controllers, application servers)
The exam tests whether you know how to deploy a VM correctly using the Azure portal, Azure CLI, PowerShell or ARM/Bicep templates.
2. Methods to Create a VM in Azure
AZ-104 expects you to know all available creation methods:
a. Azure Portal
A graphical, web-based interface. Suitable for beginners and quick deployments.
b. Azure CLI
Command-line tool for scripting and automation.
c. Azure PowerShell
Preferred by admins familiar with Windows and PowerShell automation.
d. ARM Templates / Bicep
Infrastructure-as-Code (IaC) methods for consistent, repeatable deployments.
3. Key Steps in Creating a VM (What You Must Know for the Exam)
When you create a VM, Azure asks you to configure several important settings. Each setting affects cost, performance, security, and functionality.
Below are the most exam-relevant settings.
4. VM Basics (Basics Tab)
These are the first choices you make.
a. Subscription
Choose the Azure subscription where the VM resources will be billed.
b. Resource Group
A container for related resources (VM, disk, NIC, IP address).
Used for organizing and managing resources.
c. Virtual Machine Name
A unique name to identify the VM.
d. Region
Where the VM will run (e.g., East US, West Europe).
Region affects:
- Latency (distance to users)
- Service availability
- Pricing
- Compliance requirements
e. Availability Options
Ensures reliability for production workloads.
You must know the difference:
| Availability Option | What It Does |
|---|---|
| No infrastructure redundancy required | No high-availability configuration |
| Availability Zone | VM is placed in physically separate datacenters (zone-level redundancy) |
| Availability Set | Protects against rack failures (fault domains) and maintenance events (update domains) |
AZ-104 exam tip: Availability Zones > Availability Sets in terms of protection.
f. Security Type
Options may include:
- Standard
- Trusted Launch (provides secure boot, virtual TPM)
Know that Trusted Launch increases security against malware and firmware attacks.
g. Image (OS Image)
Choose the operating system for the VM:
- Windows Server (various versions)
- Linux distributions (Ubuntu, Red Hat, SUSE, etc.)
- Custom images (from your own VM image)
- Shared image gallery images
h. VM Size (CPU + RAM)
Common size families:
| VM Family | Purpose |
|---|---|
| B-series | Low-cost burstable workloads |
| D-series | General-purpose workloads |
| E-series | Memory-intensive workloads |
| F-series | Compute-intensive workloads |
| L-series | Storage-intensive workloads (high disk throughput) |
Exam Tip:
Cost is directly related to VM size. Larger sizes = higher cost.
5. Administrator Account (Login Credentials)
When creating a VM, you must configure:
Windows VMs:
- Username
- Password
Linux VMs:
- Username
- SSH public key (recommended)
- Or password (less secure)
Exam Tip:
SSH keys are preferred for Linux because they improve security.
6. Inbound Port Rules (Networking Access)
Azure asks whether to allow remote access to the VM:
- RDP (3389) → Windows remote desktop
- SSH (22) → Linux terminal access
You can:
- Allow selected ports
- Block all ports (recommended for high-security environments)
Important exam concept:
Use Azure Bastion instead of exposing RDP/SSH directly to the public internet.
7. Disks (Storage Configuration)
Azure VMs require at least one disk: the OS disk.
Disk Types to Know (Important for AZ-104):
| Disk Type | Performance | Best For |
|---|---|---|
| Standard HDD | Lowest | Low-cost dev/test workloads |
| Standard SSD | Moderate | Balanced performance + cost |
| Premium SSD | High | Production workloads |
| Ultra Disk | Very high | High IOPS/low latency apps (databases) |
Exam Tip:
Premium SSD requires a VM size that supports Premium storage.
8. Networking (Most Exam-Focused Section)
When creating a VM, Azure automatically creates (or lets you select):
a. Virtual Network (VNet)
Provides network isolation and IP addressing.
b. Subnet
Logical network inside the VNet where the VM will be placed.
c. Public IP Address
Optional. Needed if the VM must be reachable over the internet.
d. Network Security Group (NSG)
Controls inbound/outbound traffic rules for the VM.
You may attach NSGs at:
- Subnet level
- NIC level
e. NIC (Network Interface Card)
Connects the VM to Azure networks.
Each VM requires at least one primary NIC.
9. Management Features (Important for Monitoring & Automation)
You can enable:
a. Boot Diagnostics
Captures VM boot logs.
b. OS Guest Diagnostics
Provides insights into CPU, memory, disk usage.
c. Auto-shutdown
Automatically shuts down the VM at a set time to reduce cost.
d. Azure Monitor/Log Analytics Agent
Used for monitoring, alerts, and performance tracking.
10. Advanced Settings
Includes:
- Extensions (run scripts or install agents)
- Custom data (cloud-init for Linux)
- Host group placement
- Encryption settings
- Proximity placement groups (low-latency clusters)
Know what VM extensions are:
Scripts or programs automatically installed on the VM after creation (e.g., Custom Script Extension).
11. Tags
Used for:
- Cost management
- Resource organization
- Automation
Example: Environment=Production
12. Review + Create
The final step validates:
- Configuration
- Dependencies
- Pricing estimate
After validation, you click Create to deploy the VM.
13. Exam Tips and Key Points to Remember
The exam focuses on:
✔ How to choose VM sizes
✔ Differences between disk types
✔ Availability Sets vs Availability Zones
✔ How NSGs secure VMs
✔ Importance of using Azure Bastion instead of public RDP/SSH
✔ Basic VM monitoring and management
✔ VM images (Marketplace, custom, shared image gallery)
✔ Automation using CLI, PowerShell, ARM, Bicep
14. Summary
Creating a VM involves configuring:
- Resource group & region
- Availability options
- OS image
- VM size
- Authentication method
- Disk type
- Networking (VNet, subnet, NSG)
- Management and monitoring settings
- Tags
Understanding each of these choices ensures you can deploy secure, well-performing, cost-efficient virtual machines in Azure—exactly what the AZ-104 exam expects.
