AZ400: Designing and Implementing Microsoft DevOps Solutions
DevOps engineers are developers or infrastructure administrators who also have subject matter expertise in working with people, processes, and products to enable continuous delivery of value in organizations.
Responsibilities for this role include designing and implementing strategies for collaboration, code, infrastructure, source control, security, compliance, continuous integration, testing, delivery, monitoring, and feedback.
DevOps engineers work on cross-functional teams that include developers, site reliability engineers, and Azure administrators.
DevOps engineers must have experience with administering and developing in Azure, with strong skills in at least one of these areas. They should be familiar with both Azure DevOps and GitHub.
This exam measures your ability to accomplish the following technical tasks:
- Configure processes and communications
- Design and implement source control
- Design and implement build and release pipelines
- Develop a security and compliance plan
- Implement an instrumentation strategy
Skills measured
- Configure processes and communications (10-15%)
- Design and implement source control (15-20%)
- Design and implement build and release pipelines (40-45%)
- Develop a security and compliance plan (10-15%)
- Implement an instrumentation strategy (10-15%)
Tips
- Watch AZ-400 exam prep videos on Learn
- Review the AZ-400 study guide to prepare for the exam
- Try a Sample Quiz
- Get started on a DevOps transformation journey
- Development for enterprise DevOps
- Implement CI with Azure Pipelines and GitHub Actions
- Design and implement a release strategy
- Implement a secure continuous deployment using Azure Pipelines
- Manage infrastructure as code using Azure and DSC
- Design and implement a dependency management strategy
- Implement continuous feedback
- Implement security and validate code bases for compliance
Get started on a DevOps transformation journey
This learning path helps you understand what DevOps is and how to plan for a DevOps transformation journey.
Readings
- Introduction to DevOps
-
Choose the right project
- Introduction
- Explore greenfield and brownfield projects
- Decide when to use greenfield and brownfield projects
- Decide when to use systems of record versus systems of engagement
- Identify groups to minimize initial resistance
- Identify project metrics and key performance indicators (KPIs)
- Knowledge check
- Summary
- Describe team structures
- Choose the DevOps tools
-
Plan Agile with GitHub Projects and Azure Boards
- Introduction
- Introduction to GitHub Projects and Project boards
- Introduction to Azure Boards
- Link GitHub to Azure Boards
- Configure GitHub Projects
- Manage work with GitHub Project boards
- Customize Project views
- Collaborate using team discussions
- Agile plan and portfolio management with Azure Boards
- Knowledge check
- Summary
- Introduction to source control
- Describe types of source control systems
- Work with Azure Repos and GitHub
Development for enterprise DevOps
This learning path examines the key Git features that organizations must plan for when designing their enterprise DevOps.
Readings
- Structure your Git Repo
- Manage Git branches and workflows
- Collaborate with pull requests in Azure Repos
- Identify technical debt
- Explore Git hooks
- Plan foster inner source
- Manage Git repositories
Implement CI with Azure Pipelines and GitHub Actions
This learning path introduces the continuous integration concept using Azure Pipelines and GitHub Actions and provides instruction on configuring those services and building applications.
Readings
- Explore Azure Pipelines
-
Manage Azure Pipeline agents and pools
- Introduction
- Choose between Microsoft-hosted versus self-hosted agents
- Explore job types
- Introduction to agent pools
- Explore predefined agent pool
- Understand typical situations for agent pools
- Communicate with Azure Pipelines
- Communicate to deploy to target servers
- Examine other considerations
- Describe security of agent pools
- Configure agent pools and understanding pipeline styles
- Knowledge check
- Summary
- Describe pipelines and concurrency
- Explore continuous integration
- Implement a pipeline strategy
- Integrate with Azure Pipelines
- Introduction to GitHub Actions
-
Learn continuous integration with GitHub Actions
- Introduction
- Describe continuous integration with actions
- Examine environment variables
- Share artifacts between jobs
- Examine Workflow badges
- Describe best practices for creating actions
- Mark releases with Git tags
- Create encrypted secrets
- Use secrets in a workflow
- Implement GitHub Actions For CI/CD
- Knowledge check
- Summary
-
Design a container build strategy
- Introduction
- Examine structure of containers
- Work with Docker containers
- Understand Dockerfile core concepts
- Examine multi-stage Dockerfiles
- Examine considerations for multiple stage builds
- Explore Azure container-related services
- Deploy Docker containers to Azure App Service web apps
- Knowledge check
- Summary
Design and implement a release strategy
This learning path explains the concepts of continuous delivery and releases strategy considerations for setting up deployment stages and your delivery and deployment cadence, and lastly, setting up your release approvals.
Readings
- Introduction to continuous delivery
-
Create a release pipeline
- Introduction
- Describe Azure DevOps release pipeline capabilities
- Explore release pipelines
- Explore artifact sources
- Choose the appropriate artifact source
- Exercise - Select an artifact source
- Examine considerations for deployment to stages
- Exercise - Set up stages
- Explore build and release tasks
- Explore custom build and release tasks
- Explore release jobs
- Configure Pipelines as Code with YAML
- Knowledge check
- Summary
-
Explore release recommendations
- Introduction
- Understand the delivery cadence and three types of triggers
- Exercise - Select your delivery and deployment cadence
- Explore release approvals
- Exercise - Set up manual approvals
- Explore release gates
- Use release gates to protect quality
- Control deployments using release gates
- Knowledge check
- Summary
- Provision and test environments
- Manage and modularize tasks and templates
-
Automate inspection of health
- Introduction
- Automate inspection of health
- Explore events and notifications
- Explore service hooks
- Exercise - Set up service hooks to monitor the pipeline
- Configure Azure DevOps notifications
- Configure GitHub notifications
- Explore how to measure quality of your release process
- Examine release notes and documentation
- Examine considerations for choosing release management tools
- Explore common release management tools
- Create a release dashboard
- Knowledge check
- Summary
Implement a secure continuous deployment using Azure Pipelines
This learning path helps you understand automated release gates, secrets, and secret management in your pipeline. You will learn how to implement alerting mechanisms, report on your quality, and get notified by using service hooks.
Readings
- Introduction to deployment patterns
- Implement blue-green deployment and feature toggles
- Implement canary releases and dark launching
- Implement A/B testing and progressive exposure deployment
- Integrate with identity management systems
-
Manage application configuration data
- Introduction
- Rethink application configuration data
- Explore separation of concerns
- Understand external configuration store patterns
- Introduction to Azure App Configuration
- Examine Key-value pairs
- Examine App configuration feature management
- Integrate Azure Key Vault with Azure Pipelines
- Manage secrets, tokens and certificates
- Examine DevOps inner and outer loop
- Integrate Azure Key Vault with Azure DevOps
- Enable Dynamic Configuration Feature Flags
- Knowledge check
- Summary
Manage infrastructure as code using Azure and DSC
This learning path explores the “Infrastructure as Code” (IaC) concept and how to manage your operations environment the same way you do applications or other code for general release.
Readings
- Explore infrastructure as code and configuration management
- Create Azure resources using Azure Resource Manager templates
- Create Azure resources by using Azure CLI
-
Explore Azure Automation with DevOps
- Introduction
- Create automation accounts
- What is a runbook?
- Understand automation shared resources
- Explore runbook gallery
- Examine webhooks
- Explore source control integration
- Explore PowerShell workflows
- Create a workflow
- Exercise - Create and run a workflow runbook
- Examine checkpoint and parallel processing
- Knowledge check
- Summary
-
Implement Desired State Configuration (DSC)
- Introduction
- Understand configuration drift
- Explore Desired State Configuration (DSC)
- Explore Azure Automation State configuration (DSC)
- Examine DSC configuration file
- Exercise - Import and compile
- Exercise - Onboard machines for management
- Explore hybrid management
- Implement DSC and Linux Automation on Azure
- Knowledge check
- Summary
- Implement Bicep
Design and implement a dependency management strategy
This learning path examines dependency management in software development, how to identify them in your codebase and how to package and manage dependencies in package feeds.
Readings
- Explore package dependencies
-
Understand package management
- Introduction
- Explore packages
- Understand package feeds
- Explore package feed managers
- Explore common public package sources
- Explore self-hosted and SaaS based package sources
- Consume packages
- Introduction to Azure Artifacts
- Publish packages
- Package Management with Azure Artifacts
- Knowledge check
- Summary
- Migrate consolidating and secure artifacts
- Implement a versioning strategy
- Introduction to GitHub Packages
Implement continuous feedback
This learning path introduces the continuous feedback concept and describes how to implement it in your DevOps cycle.
Readings
-
Implement tools to track usage and flow
- Introduction
- Understand the inner loop
- Introduction to continuous monitoring
- Explore Azure Monitor and Log Analytics
- Examine Kusto Query Language (KQL)
- Explore Application Insights
- Implement Application Insights
- Exercise - Add Application Insights to an ASP.NET core application
- Monitor application performance with Application Insights
- Knowledge check
- Summary
- Develop monitor and status dashboards
- Share knowledge within teams
- Design processes to automate application analytics
- Manage alerts, blameless retrospectives and a just culture
Implement security and validate code bases for compliance
This learning path explores an infrastructure and configuration strategy and appropriate toolset for a release pipeline and application infrastructure. It explains compliance and security implementation in your application infrastructure.
Readings
- Introduction to Secure DevOps
- Implement open-source software
-
Software Composition Analysis
- Introduction
- Inspect and validate code bases for compliance
- Explore software composition analysis
- Integrate WhiteSource with Azure DevOps pipeline
- Implement GitHub Dependabot alerts and security updates
- Integrate software composition analysis checks into pipelines
- Examine tools for assess package security and license rate
- Interpret alerts from scanner tools
- Implement Security and Compliance in an Azure Pipeline
- Knowledge check
- Summary
- Static analyzers
- OWASP and Dynamic Analyzers
-
Security Monitoring and Governance
- Introduction
- Implement pipeline security
- Explore Microsoft Defender for Cloud
- Examine Microsoft Defender for Cloud usage scenarios
- Explore Azure Policy
- Understand policies
- Explore initiatives
- Explore resource locks
- Explore Azure Blueprints
- Understand Microsoft Defender for Identity
- Knowledge check
- Summary