Azure Devops Engineer Interview Questions

Tell me about yourself - it should include your details and roles , tools that u used and services that
u worked.

Devops –

1) How many services does azure Devops provide?

It offers 5 services
Boards, repos,pipelines,testplans-cost effective,artifacts-

2) What are the different types of agent that we use in Devops?

Microsoft hosted agent & self hosted agent

3) In which scenario you used self hosted agent?

Check with sir for answer.

4) How to configure self hosted agent ?

First we need to generate a personal access token then Agent pool need to select read and
manage.then click on create. Token will generate.

In Devops – click on prject settings – click on agent pools – click on default – click on new
agent – down load the agent- then in powershell(admin mode) create directory and unzip
downloaded file and generate agent in powershell by giving all necessary inputs.

5) What is difference between agent pool and deployment group?

Deployment Groups – A logical grouping of target machines based on environments (Dev,

Test, Prod). Agents are installed per environment.

Agent Pools – As the name suggests, this is a pool of build agents, which can be either
Microsoft-hosted or self-hosted, that can be used to run builds and releases across multiple
projects.

Pipelines – deployment group

6) What is the use of task group?.
While creating a .net project build pipeline using classic editor we used to define some
tasks , after defining those tasks if we want to use those tasks again.so we can add
altogether into single reusable task by using task group . That group can be added to a build
or release pipeline like any other tasks in pipeline.
7) What are the demands and capabilities in ci/cd?
In demands we can specify on which capability the agent should run this pipeline. Its like
conditions according to agents.

8) What are the replace tokens in pipelines?

If we want to replace any web config variables then we use replace tokens in
pipelines.
Azure Pipelines extension that replace tokens in files with variable values.
9) What is a release gates ?
Each stage in a release pipeline can be configured with pre-deployment and post-
deployment conditions that can include waiting for users to manually approve or reject
deployments, and checking with other automated systems that specific conditions are met.

10) Explain any code quality tool in pipelines?

In our organisation we used sonar qube for code quality and code review to detect bugs and
to detect security vulnerabilities.if we find any errors or failurs we will inform to
development team to work on it.
Configuring sonar qube to Devops -
First we need to set up sonarqube in vms with public access.
Access that sonarqube url in our actual desktop.
Acess sonarqube dashboard and configuration in azure Devops.
Project creation and integrate it to azure Devops.
Service connection creation between sonarqube and azure Devops
Ms build pipeline and will integrate a demo .net code.
Run sonarqube
Analysis sonarqube dashboard for scan report.

11) Explain about variable we use in pipelines

Pipeline varibales, pre defined varaibles,variable groups

Variable groups - Variable groups store values and secrets that you might want to make
available across multiple pipelines. You can share and use variables groups in multiple
pipelines in the same project.
 Pipelines > Library > + Variable group.

open your pipeline. Select Variables > Variable groups, and then choose Link variable
group. In a build pipeline, you see a list of available groups. In a release pipeline as well.

Pre defined variables – these are system defined variables by default. Like system.debug.
If we want to make it true we can or else can make it fales and like Agent.BuildDirectory.
Pipeline variables - these variables can be used in throughout the pipeline only.

12)how do you integrate key vault by using variable group?

While creating a variable group then only we can integrate key vault to it.
Go to library ,,navigate to + variable group then enable link secrets from azure key vault
then it will ask us for subscription and key vault name.

13)whats the difference between service connection and service hook and web hook?

Service connections enable you to connect to external and remote services to execute in a
jobs.

Webhook - ?

Service hook lets you run tasks on other services when events happen in your Azure DevOps
projects. You could go to Project Settings>>Service hooks page to integrate with your favorite
services by notifying them when events happen in your project. For example, create a card in Trello
when a work item is created or send a push notification to your team's mobile devices when a build
fails. Or we can say it is kind of triggering based upon events.

14) what are the different types of groups available in azure Devops?

Build admin, contributors, end point admin etc.

15) what is the use of artifacts?

Artifacts are used to store our project references.

Azure Artifacts enables developers to share and consume packages from different feeds and public
registries. Packages can be shared within the same team, the same organization, and even publicly.
Azure Artifacts supports multiple package types such as NuGet, Npm, Python, Maven, and Universal
Packages.

16) what is the difference between classic editor and yaml?

In classic editor we need to create separate build and release pipelines where as in yaml we can
create build and deploy at a time and we can customize pipeline by yaml.

17) exlplain about different branching and merging strategies?

We have feature , dev, master(main) , release branches,test branches. we take feature branch based
on dev.we merge feature branch changes into dev.we use release branch for deploying into dev.the
original code will be in master branch.while merging the feature branch with master branch we
follow some branching policies like number of reviewers etc like below.
By using pull request we can merge feature branch to any other branch.after successful completion
of pr the merging is success.

What is pat?

18) whats the use of branch policies?

Branch policies help teams protect their important branches of development , those who have
access only they can do any modifications depends upon the branch policies. Build Validation, Status
Checks, Automatically included reviewers.

19) what is difference between ci and cd?

Ci is the process where code is integrated using a build tool so the software is built and tested in a
automated way. The successful build will go to the deployment.

Where as continuous deployment is a process of deploying a build code into desired environments
using automation like from dev stage non prod test.it helps how the code is working in diff
environments.

Dev automatic– test-automatic prod

Dev automatic– test-pre prd manual prod

20) diff between continuous deployment and continuous delivery?

Continuous delivery is the frequent shipping of code to a given environment such as test or prod via
manual release where as continuous deployment is automated release of code to a production
environment.

Continuous deployment focuses on actual deployment where as continuous delivery focus on

release and release strategy.

21) whats the difference between these access types in devops basic, stake holder, visual studio
subscriber?

 Stakeholder: Can be assigned to unlimited users for free. Provides partial access to private
projects and mostly full access to public projects
 Basic: Provides access to most features. Assign to users with a Visual Studio Professional
subscription, an Azure DevOps Server CAL, and to users for whom you're paying for Basic
access in an organization.
 Visual Studio subscription: Assign to users who already have a Visual Studio subscription. The
system automatically recognizes the user's subscription—Visual Studio Enterprise, Visual
 Studio Professional, Visual Studio Test Professional, or MSDN Platform—and enables any
other features that are included in their subscription level. If you assign Basic or Stakeholder,
they also receive their Visual Studio subscription benefits upon sign-in.
22) what is policies and permission’s?

In organization settings we have two types of security features that is policies and perisions.

Policies like application connection policies , security policies ,user policies

Permisions-

23) what is advantage of variable groups?

We can define variable groups with adding security to group who can see or not .

24) what is secure files?

Secure files give you a way to store files that you can share across pipelines

Pipeline – library – secure files

ARM Templates

1) Syntax of ARM TEMPLATE?

ARM TEMPLATE consistes two parts one is like main Jason file and other one is parameter
file.
Schema- url of azure
Content version- version
Parameters-static data
Variables-dynamic data {}
Resources- actual deployment[]
Outputs- this is an optional, if we want to see output in console then we can use it.
Main use of parameter Jason is we can use that staic data multiple times.
2) Different types of parameters and variables in arm?
We have diff types of parameters like secure parameters,allowed values,default
value,integer constraints, length constraints.
U need to explain abt each parameter like length constraints we use it to give min and max
values, similarly secure parameters The value of a secure parameter isn't saved to the
deployment history and isn't logged.
Variables - When defining a variable, we don't need to specify a data type for the variable.
Instead provide a value or template expression. We hv diff types of variables like string,
concattovar, etc.,
3) Different types of data types in arm?
Integer , string, Boolean etc.,
4) What is the use of dependency in arm template?
Dependencies determine the order Azure should deploy the resources. For example, if an
ARM template is deploying a virtual network and a virtual machine, the virtual network must
exist first before creating the virtual machine
5) if u want to create 5 vms using arm template how u do it?
If we want to iterate 5 vms by using copy we can create 5 vms by giving all necessary inputs
to template. Like below. Copy iterations shuldnt be more than 800.

"copy": {
"name": "<name-of-loop>",
"count": <number-of-iterations>,
"mode": "serial" <or> "parallel",
"batchSize": <number-to-deploy-serially>
}
6) arm template functions?
We have diff types of functions array, date , logical , numeric funcions, obect functions.
 7) If conditions in arm template
[if(condition, true value, false value)]
Can be used for variables, resource parameters, properties.
8) What are the diff modes in arm template?
Incremental mode, deployment mode, complete mode.
Deployment modes are used to handle existing reosurces that are not available in arm
template.
In complete mode, Resource Manager deletes resources that exist in the resource group but
aren't specified in the template

In incremental mode, Resource Manager leaves unchanged resources that exist in the
resource group but aren't specified in the template

Example result

To illustrate the difference between incremental and complete modes, consider the following
scenario.

Resource Group contains:

 Resource A
 Resource B
 Resource C

Template contains:

 Resource A
 Resource B
 Resource D

When deployed in incremental mode, the resource group has:

 Resource A
 Resource B
 Resource C
 Resource D

When deployed in complete mode, Resource C is deleted. The resource group has:

 Resource A
 Resource B
 Resource D
use the Mode parameter to define the incre or complete.

Dependency function &

Azure –

1) What is the difference between IAAS,PAAS,SAAS?

IaaS: cloud-based services, pay-as-you-go for services such as storage, networking, and
virtualization.examples- azure iaas - vm, storage,networking

PaaS: hardware and software tools available over the internet.EXAMPLE- MS AZURE ,AWS
LAMBDA.azure paas services – web apps, mobile apps,logicapps,azure function etc

SaaS: software that’s available via a third-party over the internet. Outlook

2) How many types of storage accounts?

Account types are two types general purpose v2 accounts & general purpose v1 accounts.
3720

3) Storage types – blob , file, queue, table,disk.

4) Difference between blob and file?

Azure Blob Storage is an object store used for storing vast amounts unstructured data, while
Azure File Storage is a fully managed distributed file system based on the SMB protocol and
looks like a typical hard drive once mounted.

5) What are different types of access tiers?

Hot- frequent usage, cool- non frequent usage

 Hot tier - An online tier optimized for storing data that is accessed or modified frequently. The
Hot tier has the highest storage costs, but the lowest access costs.
 Cool tier - An online tier optimized for storing data that is infrequently accessed or modified.
Data in the Cool tier should be stored for a minimum of 30 days. The Cool tier has lower
storage costs and higher access costs compared to the Hot tier.
 Archive tier - An offline tier optimized for storing data that is rarely accessed, and that has
flexible latency requirements, on the order of hours. Data in the Archive tier should be stored
for a minimum of 180 days.

6) Different types of blob storage?

1) Block blob- stores text or binary files large amount of data-LRS&ZRS , 2) Page blob-
read and write operations-LRS , 3)Append blob- collection of blocks-LRS&ZRS

1. Locally redundant storage (LRS) – It helps to replicate our data in the same data center, and
it is a low-cost data redundancy technique. LRS is the lowest-cost replication option and
offers the least durability compared to other options. It provides at least 99.999999999% (11
nines) durability of objects over a given year.

This is helpful when we can easily reconstruct the data in case of data loss, or we have restricted
data to replicate only within the country/region.

2. Zone-redundant storage (ZRS) – It helps us for excellent performance, low latency and
replicates our data synchronously across three storage clusters in a single region. Each
storage cluster is physically separated but within the same region. ZRS offers durability for
storage objects of at least 99.9999999999% (12 9's) over a given year.
 3. Geo-redundant storage (GRS) – As I explained above it helps us in replicating our data to
another region which is far away hundreds of miles away from the primary region. It
provides at least 99.99999999999999% (16 9's) durability of objects over a given year. GRS
replicates our data to another region, but data will be available to be read-only if Microsoft
initiates a failure from primary to the secondary region.
4. Read-access geo-redundant storage (RA-GRS) – It is based on the GRS, but it also provides
the option to read from the secondary region regardless of whether Microsoft initiates a
failover from the primary to the secondary region.

7) What is SAAS token?

A shared access signature (SAS) is a URI that grants restricted access rights to Azure Storage
resources. You can provide a shared access signature to clients who should not be trusted
with your storage account key but to whom you wish to delegate access to certain storage
account resources.
Storage account – shared access signature – generate sas
8) What is the use of deployment slots?
Deployment slots are live apps with their own hostnames. App content and configurations
elements can be swapped between two deployment slots, including the production slot.

9) How do u trouble shoot if u get 401 or 505 error?

?

10)difference between app service plan and consumtion plan?

With the Consumpti on plan, you do not have to worry about the dimension of your
infrastructure, scaling, or pay when not uti lizing any resources.

For the App Service plan, however, you do need to allocate resources for your functi ons
explicitly and pay for them regardless if you are running functi ons or not.

10) Use of application insights?

It is used for tracking entire application performance likve monitoring logging an
performance analytics.

11)what is virtual network?

Virtual network is a representation of our own network.when we create virtual network our services
and vms withing our vnet can communicate directly and securely.
12) pre requisites to create virtual network?

Subnet , routing, nsg, ip address

13)if I want to resize existing size of vm is it mandate to require downtime?

Yes if we want to resize the vm disk then we need to stop and increase the size. If its already running
stop and increase and restart.
14) availability set – it is logical grouping of virtual machines, which is like collection of fault domains
and update domains.while creating a vm it asks for availability set.Availability Sets—running a VM
with one or more replicated copies on separate hardware within the same Availability Zone,
providing resiliency against machine failure.

15) Availability Zones—running a VM with one or more replicated copies on different Availability
Zones, providing resiliency against data center failure

16) vmss – virtual machine scale set – it is a collection of virtual machines with similar configuration..
Virtual Machine Scale Sets (VMSS), an interesting service offered by Microsoft Azure, helps to create
and manage a set of identical, auto-scaling Virtual Machines (VMs). The number of VM instances can
automatically increase or decrease based on scheduled conditions

17) can I add existing vm to availability set? No we cant add we can only set availability set whicl
creating vm.

18) diff between scale out and scale in ?

19) diff between horizontal scaling and vertical scaling?

Horizontal is more flexible in a cloud situation as it allows you to run potentially thousands of VMs
to handle load. In contrast, vertical scaling is different. It keeps the same number of VMs, but makes
the VMs more ("up") or less ("down") powerful.

20)diff types of azure roles.

Azure role Permissions

Owner Full access to all resources Delegate access to others

Create and manage all of types of Azure resources Create a new tenant in Azure
Contributor
Active Directory Cannot grant access to others

Reader View Azure resources

User Access
Manage user access to Azure resources
Administrator

21) diff between webrole and worker role?

Web role: Automatically deploys and hosts your app through IIS. Worker role: Does not use IIS, and
runs your app standalone

22)diff between truncate and delete?

The DELETE statement is used when we want to remove some or all of the records from the table,
while the TRUNCATE statement will delete entire rows from a table. DELETE is a DML command as it
only modifies the table data, whereas the TRUNCATE is a DDL command.
23) diff between * and distinct?

* will gives us entire rows data where as distinct gives us particular data

24) what is nsg?

Network security group is a set of security rules that allows inbound network or out bound etwork
trafficfrom several types of azure resources?

25) what is application security group?

Application security groups enable you to configure network security as a natural extension of an
application's structure, allowing you to group virtual machines and define network security policies
based on those groups. You can reuse your security policy at scale without manual maintenance of
explicit IP addresses.

26) what is peering?

Virtual network peering enables you to seamlessly connect two or more Virtual Networks in Azure

27) steps to point to site?

Components we need are – vn , virtual subnet, root certificate, client and vpn

Create a virtual network and create a gateway subnet , generate root vpn certificate as well as
client vpn certificate. Download vpn install client certificate. Connect to vpn via network.

29) steps to point to point?

30)diff between p2s and s2s?

31)diff between dynamic and static?

32)expain about project architecture?

33)have u created any cost saving options in ur wor?

Yes I have done , I have written a script for deletion of resources which are not in used more .

Ps - Connect-AzureRmAccount

Select-AzureRmSubscription -SubscriptionName "<Subscription_Name>"

$Headers=@{
'authorization'="Bearer <bearer_token>"
}

# Get all resources and their changed time

$resources= Invoke-RestMethod -uri

'https://management.azure.com/subscriptions/<subscription_id>/resources?api-version=2018-05-
01&$expand=changedTime,createdTime' -method get -Headers $Headers | select-object -
Expandproperty value

# Delete all resources which have not been changed since 20 days

foreach ($resource in $resources)

{
$count=0
$time=[datetime]::Parse($resource.changedTime)
$datetime = (Get-Date).AddDays(-20)
$utcDatetime = $datetime.ToUniversalTime()
if ($time -lt $utcDatetime)
{
$resource.id
$time
Write-Output "Deleting resource now"
Remove-AzureRmResource -ResourceId $resource.id
}
}

34) what is azure resource manager?(arm)

Azure Resource Manager (ARM) is the native platform for infrastructure as code (IaC) in Azure. It
enables you to centralize the management, deployment, and security of Azure resources

35) write down a azure ali command to create vm/?

az vm create \
--resource-group myResourceGroup \
--name myVM \
--image Win2019Datacenter \
--public-ip-sku Standard \
--admin-username azureuser

36)have u worked for azure keyvault?

37)diff between load balancer and traffic manager?

The job of Azure Load Balancer is to direct traffic inside a region. This is combined with Azure Traffic
Manager, where traffic manager routes interior to a region between virtual machines

38)different types of routing methods available in traffic manager?

 Priority: Select Priority routing when you want to have a primary service endpoint for all
traffic. You can provide multiple backup endpoints in case the primary or one of the backup
endpoints is unavailable.
 Weighted: Select Weighted routing when you want to distribute traffic across a set of
endpoints based on their weight. Set the weight the same to distribute evenly across all
endpoints.
  Performance: Select Performance routing when you have endpoints in different geographic
locations and you want end users to use the "closest" endpoint for the lowest network
latency.
 Geographic: Select Geographic routing to direct users to specific endpoints (Azure, External,
or Nested) based on where their DNS queries originate from geographically. With this routing
method, it enables you to be in compliance with scenarios such as data sovereignty mandates,
localization of content & user experience and measuring traffic from different regions.
 Multivalue: Select MultiValue for Traffic Manager profiles that can only have IPv4/IPv6
addresses as endpoints. When a query is received for this profile, all healthy endpoints are
returned.
 Subnet: Select Subnet traffic-routing method to map sets of end-user IP address ranges to a
specific endpoint. When a request is received, the endpoint returned will be the one mapped
for that request’s source IP address.
39)use of azure active directory?

 One place for identity and access management. Azure AD is the heart of your organisation's IT, giving
you one place to go for managing user identities and permissions. ...
 One identity for all applications. ...
 Security. ...
 Ease of use. ...
 Collaboration.
40) use of app registrations?

We can generate principal id and key

Azure App registrations are an easy and powerful way to configure authentication and
authorization workflows for a variety of different client types.

41) what is rbac?

Role-based access control (RBAC) restricts network access based on a person's role within an
organization

42) how to create a custom role?

43) what is break fix?

Break-fix issues are technical problems you experience while using Azure services. "Break-fix" is an
industry term which refers to “work involved in supporting a technology when it fails in the normal
course of its function, which requires intervention by a support organisation to be restored to
working order.

44) how many types of alerts?

metric, log, and activity log

45) diff between merge and rebase?

Git merge is a command that allows you to merge branches from Git.

Git rebase is a command that allows developers to integrate changes from one branch to another.
Git rebase is a command that allows developers to integrate changes from one branch to another.

48)diff between reset and revert?

Reverting undoes a commit by creating a new commit. ... Contrast this with git reset , which
does alter the existing commit history

49)diff between pull and fetch?

50)

In Git, "origin" is a shorthand name for the remote repository that a project was
originally cloned from

51)git rm

git rm is used to remove a file from a Git repository

52) how to resolve merge conflicts?

53) azure sql firwall?

he Azure SQL Database firewall allows you to specify IP address ranges from which
communications are accepted into SQL Database.in networking we need to enable firewall
opton.