This article is just one another preparation guide to Microsoft exam AZ-400 (but probably the most complete). I hope it will be useful 🙂
Even you don’t plan to take the exam, all this content is really interesting to read and understand if you want to discover and improve your knowledge on DevOps on Azure.
Before starting studying, you must know very well what this certification is about and what are the prerequisites.
The topics included in this exam are the following :
- Design a DevOps strategy (20-25%)
- Implement DevOps development processes (20-25%)
- Implement continuous integration (10-15%)
- Implement continuous delivery (10-15%)
- Implement dependency management (5-10%)
- Implement application infrastructure (15-20%)
- Implement continuous feedback (10-15%)
More details : https://www.microsoft.com/en-us/learning/exam-az-400.aspx
Module 0 – DevOps & Azure DevOps – basics
Module 1 – Design a DevOps strategy (20-25%)
Free ebook : effective DevOps
https://azure.microsoft.com/en-us/resources/effective-devops/
What is DevOps ?
https://docs.microsoft.com/en-us/azure/devops/learn/what-is-devops
https://docs.microsoft.com/en-us/learn/modules/get-started-with-devops/
DevOps: Bridging the gap between business and development
https://www.developer-tech.com/news/2016/jan/29/devops-bridging-gap-between-business-and-development/
Analyze existing Test Management Tools
Azure Test Plans
https://azure.microsoft.com/en-us/services/devops/test-plans/
https://docs.microsoft.com/en-us/azure/devops/test-plans/index?view=azure-devops
Cloud-based load testing service end of life
https://devblogs.microsoft.com/devops/cloud-based-load-testing-service-eol/
Analyze existing Work Management Tools
Azure Boards
https://docs.microsoft.com/en-us/azure/devops/boards/get-started
Best tool to add, update, and link work items
https://docs.microsoft.com/en-us/azure/devops/boards/work-items/best-tool-add-update-link-work-items?toc=/azure/devops/boards/get-started/toc.json&bc=/azure/devops/boards/get-started/breadcrumb/toc.json&view=azure-devops
Concurrent Pipelines (Parallel Jobs)
https://docs.microsoft.com/en-us/azure/devops/pipelines/licensing/concurrent-jobs-vsts
Design a license management strategy
https://azure.microsoft.com/en-us/services/devops/compare-features/
https://azure.microsoft.com/en-us/pricing/details/devops/azure-devops-services/
Recommend a strategy for measuring and managing technical debt
Design a quality strategy
Managing Technical Debt
https://www.youtube.com/watch?v=KM0O633KZEE
Developers’ Seven Deadly Sins
https://docs.sonarqube.org/display/SONARQUBE45/Developers%27+Seven+Deadly+Sins
Driving continuous quality of your code with SonarCloud
https://www.azuredevopslabs.com/labs/vstsextend/sonarcloud/
Design a secure development process
DevSecOps : https://www.youtube.com/watch?v=ukdW9eTv3uw
WhiteSource Bolt – Free developer tool for finding and fixing open source vulnerabilities
https://bolt.whitesourcesoftware.com/
https://bolt.whitesourcesoftware.com/azure/faq/
Managing Open-source security and license with WhiteSource
https://www.azuredevopslabs.com/labs/vstsextend/WhiteSource
Check policy compliance with gates
https://docs.microsoft.com/en-us/azure/devops/pipelines/policies/azure-policy?view=azure-devops
Azure Blueprints & Policy to get DevOps right | Best of Microsoft Ignite 2018
https://www.youtube.com/watch?time_continue=1&v=OiOXlgFNgDo
Migrate for TFVC to Git
https://github.com/git-tfs/git-tfs
Import a Git repo
https://docs.microsoft.com/en-us/azure/devops/repos/git/import-git-repository?view=azure-devops
Bring your own repo to Azure DevOps
https://docs.microsoft.com/en-us/azure/devops/boards/github/connect-to-github?view=azure-devops
https://dailydotnettips.com/bring-your-own-git-repository-code-to-azure-devops-project/
Module 2 – Implement DevOps development processes (20-25%)
— Design a Version Control Strategy —
Azure DevOps Repo
2 kinds of repo :
- TFVC (Team Foundation Version Control)
- Git
- Pull requests (for example to move new stuff in master branch)
- Branch policies (ex: prevent people to commit change to master branch)
- Hooks for CI/CD
Solutions like Azure Repo : Github, Gitlab, BitBucket
Recommend Branching Models
https://docs.microsoft.com/en-us/azure/devops/repos/git/git-branching-guidance
Improve code quality with branch policies
https://docs.microsoft.com/en-us/azure/devops/repos/git/branch-policies?view=azure-devops
Recommend Version Control Systems
https://docs.microsoft.com/en-us/azure/devops/user-guide/source-control
git user guide
https://docs.microsoft.com/en-us/azure/devops/user-guide/code-with-git?view=azure-devops
Configure Branch Policies
https://docs.microsoft.com/en-us/azure/devops/repos/git/_img/branches/branches-page.png?view=azure-devops
Share code and collaborate on your next project using Git and pull requests hosted by Azure DevOps
https://www.youtube.com/watch?v=J_DHkUKxI0E
Azure DevOps – Maitriser le PullRequest
https://www.youtube.com/watch?v=kJN1sZlcUUw
Recommend Code Flow Strategy
https://docs.microsoft.com/en-us/azure/devops/learn/devops-at-microsoft/release-flow
Mono versus Multi repo
Git Branching Antipatterns
https://www.youtube.com/watch?v=ykZbBD-CmP8
Branching Workflow Types
- Feature branching
- Gitflow branching : https://www.youtube.com/watch?v=QY5O5o2jfsw
Master / Develop / Feature
Master / hotfixes / Develop / Feature
Gitflow for Visual Studio : https://marketplace.visualstudio.com/items?itemName=vs-publisher-57624.GitFlowforVisualStudio2017
GitFlow 4 Code : https://marketplace.visualstudio.com/items?itemName=GreatMinds.gitflow4code
GitFlow is great for a release-based software workflow
GitFlow offers a dedicated channel for hotfixes to production - Forking Workflow
Forking Branch workflow gives every developer their own server-side repository
Each contributor has not one, but two Git repositories: a private local one and a public server-side one
Forked repositories use the standard git clone command
Collaborating with Pull Request
1- Branch
2- Discuss
3- Merge
Azure Repos Collaborating with Pull Requests
https://www.youtube.com/watch?v=tFB_O9FCh08
GitHooks : A mechanism that allows arbitrary code to be run before, or after, certain Git lifecycle events occur
Can be used to enforce policies…
Introduction to GitHooks : https://www.youtube.com/watch?v=8-JL6NOTZOw
https://githooks.com/
GitVersion is a tool to help you achieve Semantic Versioning
Create version number with the following convention Major.Minor.Patch
Semantic Versioning os all about releases, not builds.
Getting started with InnerSource—open source workflows in the enterprise: https://www.youtube.com/watch?v=D3C12ojRcp0
Azure DevOps Team Projects can be public
https://docs.microsoft.com/en-us/azure/devops/organizations/public/about-public-projects?view=azure-devops
Azure DevOps Pipelines
- Build Automation
- Continuous Integration
- Deployment automation
- Traceability and compliance
- Hooks for other products
Solutions like Azure DevOps Pipeline :
Build : Jenkins, TeamCity, Travis CI, Circle CI
Deploy : XebiaLabs XL Deploy, Octopus Deploy,
Azure Pipeline free for open source projects in Github public or private repo
https://github.com/marketplace/azure-pipelines
Azure DevOps Public Project is a organization-level setting
Storing Files in Git:
- Don’t commit the binaries (especially big ones), logs, tracing output or diagnostic data
- Use a package management system for library files, DLL and other dependent files
Git Large File Storage (LFS) :
An open source Git extension for versioning large files
Git Large File Storage (LFS) replaces large files such as audio samples, videos, datasets, and graphics with text pointers inside Git, while storing the file contents on a remote server like GitHub.com or GitHub Enterprise.
CLI : https://git-lfs.github.com/
- Supported in Azure DevOps and Free
https://help.github.com/en/articles/configuring-git-large-file-storage
Concepts of pipeline in DevOps
- Build automation and Continuous Integration
- Test automation
- Deployment automation
- Your Pipeline needs platform provisioning and configuration management
- Orchestrating it all : Release and Pipeline Orchestration
Azure Pipelines combines continuous integration (CI) and continuous delivery (CD)
An Artifact is a collection of files and packages published by a build. Artifacts are made available to subsequent tasks, such as distribution or deployment
Concurrent Pipelines (Parallel Jobs)
https://docs.microsoft.com/en-us/azure/devops/pipelines/licensing/concurrent-jobs-vsts
— Implement a mobile DevOps strategy —
CI/CD DevOps Pipeline for mobile apps and services <== you must watch it !
https://azure.microsoft.com/pt-br/resources/videos/connect-2017-ci-cd-devops-pipeline-for-mobile-apps-and-services/
Deploy Azure DevOps Builds with App Center
https://docs.microsoft.com/en-us/appcenter/distribution/vsts-deploy
Using Azure DevOps for UI Testing
https://docs.microsoft.com/en-us/appcenter/test-cloud/vsts-plugin
Code signing for iOS
https://docs.microsoft.com/en-us/appcenter/build/ios/code-signing
Automating Selenium Tests in Azure Pipelines
https://www.azuredevopslabs.com/labs/vstsextend/selenium/
— Managing application configuration and secrets —
Implement a secure and compliant development process
Learn how to add continuous security validation to your CI/CD pipeline
https://docs.microsoft.com/en-us/azure/devops/migrate/security-validation-cicd-pipeline?view=azure-devops
Implement general (non-secret) configuration data
External Configuration Store pattern
https://docs.microsoft.com/en-us/azure/architecture/patterns/external-configuration-store
Manage secrets, tokens, and certificates
Use Azure Key Vault secrets in your CI build : https://www.youtube.com/watch?v=jAJO3jE9qek
Azure Key Vault task
https://docs.microsoft.com/en-us/azure/devops/pipelines/tasks/deploy/azure-key-vault?view=azure-devops
Using secret in a Pipeline
https://www.azuredevopslabs.com/labs/vstsextend/azurekeyvault/
Variable Groups
https://docs.microsoft.com/en-us/azure/devops/pipelines/library/variable-groups?view=azure-devops&tabs=yaml
https://mrdevops.io/introducing-azure-key-vault-to-kubernetes-931f82364354
https://github.com/SparebankenVest/azure-key-vault-to-kubernetes
Implement tools for managing security and compliance in the pipeline
https://docs.microsoft.com/en-us/azure/devops/migrate/security-validation-cicd-pipeline?view=azure-devops#ci-continuous-integration
https://blogs.msdn.microsoft.com/secdevblog/2016/03/30/roslyn-diagnostics-security-analyzers-overview/
https://www.checkmarx.com/
https://github.com/Microsoft/binskim
Scanning 3rd party packages for vulnerabilities and OSS license usage :
https://www.whitesourcesoftware.com/
https://blogs.msdn.microsoft.com/visualstudioalmrangers/2017/06/08/manage-your-open-source-usage-and-security-as-reported-by-your-cicd-pipeline/
OWASP ZAP : https://www.owasp.org/index.php/OWASP_Zed_Attack_Proxy_Project
Performing a Pen Test after each Deployment using OWASP ZAP, Azure Container Instances, and Azure DevOps
https://www.deliveron.com/blog/performing-a-pen-test-after-each-deployment-using-owasp-zap-azure-container-instances-and-azure-devops/
OWASP Zed Attack Proxy Scan
https://marketplace.visualstudio.com/items?itemName=kasunkodagoda.owasp-zap-scan
Threat Modeling
https://www.microsoft.com/en-us/securityengineering/sdl/threatmodeling?SilentAuth=1
Azure Key Vault
https://docs.microsoft.com/en-us/azure/key-vault/about-keys-secrets-and-certificates
https://www.synopsys.com/blogs/software-security/protecting-keys-and-secrets-in-microsoft-azure/
Module 3 – Implement Continuous Integration (10-15%)
— Manage code quality and security policies —
From “Technical debt” to “Technical decision”
https://startups.microsoft.com/en-us/blog/from-technical-debt-to-technical-decision/
Let’s talk about Technical Debt
https://devblogs.microsoft.com/premier-developer/lets-talk-about-technical-debt/
SonarCloud
https://sonarcloud.io/about
CICD for Automation Testers -13.4. SonarCloud setup – Cloud SonarQube version
https://www.youtube.com/watch?v=RLDo_54w0tc
Useful Tasks in Azure DevOps (includes SonarCloud)
https://www.youtube.com/watch?v=8dETmUcAl8w
ndepend
https://www.ndepend.com/
resharper
https://www.jetbrains.com/resharper/
What is a pipeline ?
https://devops.com/continuous-delivery-pipeline/
Building and Deploying your Code with Azure Pipelines
https://www.youtube.com/watch?v=NuYDAs3kNV8
Builds Pipelines in Azure DevOps : defined in YAML file or using Visual Designer
Release Pipelines in Azure DevOps : defined using Visual Designer
Azure Pipelines integrate with Azure deployment, on premises or other clouds (AWS, Google Cloud..)
Azure Pipelines
https://docs.microsoft.com/en-us/azure/devops/pipelines/?view=azure-devops
Use Azure Pipelines
https://docs.microsoft.com/en-us/azure/devops/pipelines/get-started/pipelines-get-started?view=azure-devops&tabs=yaml
Create your first pipeline
https://docs.microsoft.com/en-us/azure/devops/pipelines/create-first-pipeline?view=azure-devops&tabs=tfs-2018-2
/!\ review Azure Pipelines terms
Agent, Artifact, Build, Continuous Delivery, Continuous Integration, Deployment Target, Job, Pipeline, Release, Task, Trigger
Azure DevOps Variables
https://www.synopsys.com/blogs/software-security/protecting-keys-and-secrets-in-microsoft-azure/
Azure Pipelines agents
https://docs.microsoft.com/en-us/azure/devops/pipelines/agents/agents?view=azure-devops
To build your code or deploy your software using Azure Pipelines you need at least one agent. As you add more code and people, you’ll eventually need more.
- Microsoft-hosted agent (runs on a VM or in a container)
- Self-hosted agents (MacOs, Linux, Windows, Docker)
Azure Pipelines: https://dev.azure.com/{your_organization}/_settings/agentpools
Agent pools : https://docs.microsoft.com/en-us/azure/devops/pipelines/agents/pools-queues?view=azure-devops
default pool is for self-hosted agents, Hosted pool are all other agents
Create your first pipeline
https://docs.microsoft.com/en-us/azure/devops/pipelines/create-first-pipeline?view=azure-devops&tabs=tfs-2018-2
Configuring CI/CD Pipelines as Code with YAML in Azure DevOps
https://www.azuredevopslabs.com/labs/azuredevops/yaml/
Continuously deploy from a Jenkins build /!\
https://docs.microsoft.com/en-us/azure/devops/pipelines/release/integrate-jenkins-pipelines-cicd?view=azure-devops&tabs=yaml
Configuring a CD pipeline for your Jenkins CI /!\
https://www.azuredevopslabs.com/labs/vstsextend/jenkins/
Integrate Your GitHub Projects With Azure Pipelines
https://www.azuredevopslabs.com/labs/azuredevops/github-integration/
Build, test, and push Docker container apps ==> A must do !
https://docs.microsoft.com/en-us/azure/devops/pipelines/languages/docker?view=azure-devops
Use Docker multi-stage builds /!\
https://docs.docker.com/v17.09/engine/userguide/eng-image/multistage-build/
Deploy to an Azure Web App for Containers
https://docs.microsoft.com/en-us/azure/devops/pipelines/apps/cd/deploy-docker-webapp?view=azure-devops
Deploy a Docker container app to Azure Kubernetes Service
https://docs.microsoft.com/en-us/azure/devops/pipelines/apps/cd/deploy-aks?view=azure-devops
Deploying a Multi-container application to Azure Kubernetes Service – https://www.azuredevopslabs.com/labs/vstsextend/kubernetes/
Pipeline options for Git repositories
https://docs.microsoft.com/en-us/azure/devops/pipelines/repos/pipeline-options-for-git?view=azure-devops
Module 4 – Implement continuous delivery (10-15%)
Release approvals and gates overview
https://docs.microsoft.com/en-us/azure/devops/pipelines/release/approvals/?view=azure-devops
Release deployment control using gates
https://docs.microsoft.com/en-us/azure/devops/pipelines/release/approvals/gates?view=azure-devops
YAML Release Pipelines in Azure DevOps
https://www.youtube.com/watch?v=ORy3OeqLZlE
Jenkins
https://jenkins.io
Circle CI
https://circleci.com
Azure DevOps Marketplace
https://marketplace.visualstudio.com
Azure DevOps Agents
https://docs.microsoft.com/en-us/azure/devops/pipelines/agents/pools-queues?view=azure-devops
What is A/B testing ?
https://docs.microsoft.com/en-us/gaming/playfab/features/analytics/ab-testing/
Deployment Strategies Defined
http://blog.itaysk.com/2017/11/20/deployment-strategies-defined
What is canary & dark launching
https://www.functionize.com/blog/what-is-canary-testing-and-dark-launching/
Continuous Delivery and DevOps with Azure DevOps: The Big Picture (excellent content)
https://app.pluralsight.com/library/courses/continuous-delivery-azure-devops-big-picture/table-of-contents
Module 5 – Implement dependency management (5-10%)
Azure Artifacts :
- Package management
- Nuget
- NPM
- Artifact repo
- Track usage of external packages
- Traceability
Package Management with Azure Artifacts
https://www.azuredevopslabs.com/labs/azuredevops/packagemanagement
(Re-)Introducing Azure Artifacts – PRE05 (may 2019)
https://www.youtube.com/watch?v=M9KU0k_HRA0&list=PLlrxD0HtieHgspNIlv1x2H5_cxSRm7B17&index=14&t=0s
Whitesource Bolt
https://marketplace.visualstudio.com/items?itemName=whitesource.ws-bolt
https://bolt.whitesourcesoftware.com/azure/faq/
Module 6 – Implement application infrastructure (15-20%)
— Implement infrastructure as code (IaC) —
Nested ARM Templates: Modularity and Reuse
https://dzone.com/articles/cloud-vs-on-premise-software-deployment-whats-righ
Understand the structure and syntax of Azure Resource Manager templates
https://docs.microsoft.com/en-us/azure/azure-resource-manager/resource-group-authoring-templates
Using linked and nested templates when deploying Azure resources
https://docs.microsoft.com/en-us/azure/azure-resource-manager/resource-group-linked-templates
Use Azure Key Vault to pass secure parameter value during deployment
https://docs.microsoft.com/en-us/azure/azure-resource-manager/resource-manager-keyvault-parameter
Terraform with Azure
https://www.terraform.io/docs/providers/azurerm/index.html
Using Ansible on Azure
https://docs.microsoft.com/en-us/azure/ansible/ansible-overview
Ansible module for Azure
https://docs.ansible.com/ansible/latest/modules/list_of_cloud_modules.html#azure
Automating Infrastructure Deployments in the Cloud with Ansible and Azure Pipelines
https://www.azuredevopslabs.com/labs/vstsextend/ansible/
—Manage Azure Kubernetes Service infrastructure —
Provisionning Azure Kubernetes Services
with Azure CLI : https://docs.microsoft.com/en-us/cli/azure/aks?view=azure-cli-latest#az-aks-create
with PowerShell : https://docs.microsoft.com/en-us/powershell/module/azurerm.aks/New-AzureRmAks?view=azurermps-6.13.0
with ARM template : https://azure.microsoft.com/en-us/resources/templates/101-aks/
with Ansible : https://docs.ansible.com/ansible/latest/modules/azure_rm_aks_module.html#azure-rm-aks-module
with Terraform : https://www.terraform.io/docs/providers/azurerm/r/kubernetes_cluster.html
Deploy workload on Kubernetes
https://kubernetes.io/docs/tutorials/kubernetes-basics/deploy-app/deploy-intro/
Deploy, Scale And Upgrade An Application On Kubernetes With Helm
https://docs.bitnami.com/kubernetes/how-to/deploy-application-kubernetes-helm/
Scaling options for applications in Azure Kubernetes Service (AKS)
https://docs.microsoft.com/en-us/azure/aks/concepts-scale
— Implement infrastructure compliance and security —
Automate resources in your datacenter or cloud by using Hybrid Runbook Worker
https://docs.microsoft.com/en-us/azure/automation/automation-hybrid-runbook-worker
Integrate with service hooks
https://docs.microsoft.com/en-us/azure/devops/service-hooks/overview?view=azure-devops
Azure DevOps Access levels
https://docs.microsoft.com/en-us/azure/devops/organizations/security/access-levels?view=azure-devops
Module 7 – Implement continuous feedback (10-15%)
Azure Board
- Works items (bug, feature, task…)
- Traceability
- Planning
- Backlog (list ordered by priorities)
- Sprint
- Kanban
- Queries
Similar solutions like Azure Board : Trello, Jira
Azure Test Plans
- Planned and exploratory testing solution
- Capture rich data
- Test across web and desktop
- Get end-to-end traceability
App Insights Metrics Dashboard
https://docs.microsoft.com/en-us/azure/azure-monitor/app/overview-dashboard
Monitor the availability of any website
https://docs.microsoft.com/en-us/azure/azure-monitor/app/monitor-web-app-availability
Dashboards, Charts, Reports, & Widgets
https://docs.microsoft.com/en-us/azure/devops/report/dashboards/?view=azure-devops
Configure a Burndown or Burnup widget
https://docs.microsoft.com/en-us/azure/devops/report/dashboards/configure-burndown-burnup-widgets?view=azure-devops
Lead time and cycle time widgets
https://docs.microsoft.com/en-us/azure/devops/report/dashboards/cycle-time-and-lead-time?view=azure-devops
Configure the Velocity widget
https://docs.microsoft.com/en-us/azure/devops/report/dashboards/team-velocity?view=azure-devops
Teams & Azure DevOps integration
https://azuredevopslabs.com/labs/vsts/teams
Feature flag driven environment
http://blog.launchdarkly.com/feature-flag-driven-development/
Feature Flag Management with LaunchDarkly and AzureDevOps
https://www.azuredevopslabs.com/labs/vstsextend/launchdarkly
Uservoice Azure DevOps integration
https://feedback.uservoice.com/knowledgebase/articles/363410-vsts-azure-devops-integration
Release Gates
https://docs.microsoft.com/en-us/azure/devops/pipelines/release/approvals/gates?view=vsts
A good incident postmortem
https://blogs.msdn.microsoft.com/bharry/2018/03/02/a-good-incident-postmortem/
Our DevOps Journey
https://stories.visualstudio.com/devops/
Additional great resources to prepare AZ 400
Azure DevOps labs (a big bunch of Azure DevOps labs)
https://azuredevopslabs.com
Azure DevOps Training Workshop 2018 (5 hours &17 minutes of video !!)
https://www.youtube.com/watch?v=6zledVXBvJs
How to Pass the AZ-400 Microsoft Azure DevOps Solutions Exam
https://azurementor.wordpress.com/2018/11/18/how-to-pass-the-az-400-microsoft-azure-devops-solutions-beta-exam
Azure DevOps AZ-400 Exam – Study Notes
https://gregorsuttie.com/2018/10/27/azure-devops-az-400-exam-study-notes/
Be prepared for questions on :
- Azure Repos
- TFSVC vs Git
- Azure DevOps pipelines : Build & Release
- Jenkins
- Azure App Center
- Azure Boards
- Azure Key Vault
- Azure Automation + PowerShell DSC
- Azure Kubernetes Services
- Docker Containers
- Azure Resource Manager Templates
Hope this study guide will be useful for you. Don’t hesitate to post a comment or send me a message on Twitter @squastana or on LinkedIn
https://www.linkedin.com/in/stanislasquastana/
Last but not least, don’t forget to spend time on http://microsoft.com/learn where you can find additional materials to prepare your certification.