Wednesday, August 13, 2025

Azure Functions / Cloud Functions - Q & A

 1. What is an Azure Function?

  • A serverless, event-driven compute service that runs code without managing servers. It automatically scales and charges only for execution time.

2. What are the different types of triggers in Azure Functions?

  • HTTP Trigger, Timer Trigger, Blob Trigger, Queue Trigger, Event Grid Trigger, Service Bus Trigger.

3. Difference between Azure Functions and Web Apps?

  • Azure Functions: serverless, event-driven, pay-per-execution.

  • Web Apps: always-on, used to host full web applications, fixed hosting cost.

4. What languages are supported?

  • C#, JavaScript/TypeScript, Python, Java, PowerShell.

5. What is a cold start?

  • Delay when a function runs the first time after being idle. Functions in Consumption Plan may experience this.

6. What are input and output bindings?

  • Bindings let functions read/write data from resources without explicit code for connection.

    • Input: fetch data automatically (Blob, SQL).

    • Output: send data automatically (Blob, Queue, Table).

7. Difference between Consumption and Premium Plan?

  • Consumption: pay-per-execution, may have cold start.

  • Premium: no cold start, auto-scale, VNET integration, higher performance.

8. What is a Durable Function?

  • An orchestrated workflow for long-running or multi-step processes. Maintains state across executions.

9. How do you handle exceptions?

  • Use try-catch blocks, retry policies, and logging to monitor failures.

10. Can you trigger a function from another function?

  • Yes, using Durable Functions orchestrations or queue/Event Grid triggers.

B. Azure Blob Storage

11. What is Azure Blob Storage?

  • Object storage for unstructured data (images, videos, documents).

12. Types of blobs?

  • Block Blob: files like images, PDFs

  • Append Blob: logs (append-only)

  • Page Blob: virtual hard drives (random-access)

13. What is a container?

  • A logical folder in Blob Storage to organize blobs.

14. How do you upload a file?

  • Via Azure Portal, Azure Storage Explorer, PowerShell, or programmatically with SDKs.

15. Hot, Cool, Archive tiers?

  • Hot: frequent access

  • Cool: infrequent access

  • Archive: rarely accessed, lowest cost

16. How do you secure Blob Storage?

  • Use RBAC roles, Shared Access Signatures (SAS), firewall rules, private containers.

17. What is SAS?

  • Short-term URL or token granting limited access to a storage resource.

18. Can Azure Functions read blobs directly?

  • Yes, using Blob trigger or input binding.

19. Difference between Blob Storage and Azure Files/Tables?

  • Blob: unstructured files

  • Files: SMB/NFS network file share

  • Tables: structured NoSQL storage

20. How to monitor Blob Storage?

  • Azure Monitor, metrics, activity logs, storage analytics.

C. Managed Identity

21. What is Managed Identity?

  • Azure AD feature that lets resources authenticate without storing credentials.

22. Types of Managed Identity?

  • System-assigned: tied to resource lifecycle

  • User-assigned: independent, can be used by multiple resources

23. Why use Managed Identity?

  • Eliminates the need for secrets, more secure.

24. How to enable Managed Identity for Azure Function?

  • Function App → Identity → System-assigned → On → Save

25. Can Managed Identity access multiple resources?

  • Yes, assign roles for each resource.

26. How do you assign a role?

  • Azure Portal → Resource → Access Control (IAM) → Add Role Assignment → Choose Managed Identity → Select role

27. Can Managed Identity be used with Key Vault?

  • Yes, to read secrets without storing credentials in code.

28. How does a function authenticate to Blob Storage using Managed Identity?

  • Function uses identity token from Azure AD, then RBAC role (e.g., Storage Blob Data Contributor) allows access.

29. Difference between Service Principal and Managed Identity?

  • Service Principal: manual credentials, independent of resource lifecycle

  • Managed Identity: automatically managed, tied to Azure resource

30. How to secure API access using Managed Identity?

  • API validates Azure AD token from Managed Identity; no password needed.

D. Scenario-Based / Real-Time Questions

31. Automatically resize images uploaded to Blob Storage?

  • Use Blob Trigger Azure Function → process image → save to another container.

32. Multi-step workflow example?

  • Use Durable Function: upload → process → notify → archive.

33. Send email notification when a file is uploaded?

  • Function reads blob → use SendGrid or SMTP connector to send email.

34. Secure a function processing confidential documents?

  • Use Managed Identity for storage access

  • Restrict HTTP access via function keys or API keys

  • Enable VNET integration if needed

35. Architecture combining Power Automate, Functions, Blob Storage, Managed Identity?

  • Power Automate: trigger from external events

  • Azure Function: process file

  • Blob Storage: store files

  • Managed Identity: secure function access

36. Handling large files in Blob Storage?

  • Use chunked upload, streaming, or asynchronous processing in functions.

37. Versioning and lifecycle management?

  • Enable blob versioning → older versions retained

  • Lifecycle rules: automatically move blobs to cool/archive tier or delete after a period.

38. Integration with Logic Apps or Power Automate?

  • Blob Storage triggers → start workflow in Logic Apps/Power Automate

  • Azure Function can also be called from flow

39. Encryption at rest/in transit?

  • At rest: Azure automatically encrypts blobs

  • In transit: use HTTPS or SAS token

40. Troubleshoot Managed Identity authentication failures?

  • Check role assignments

  • Verify identity is enabled

  • Check Azure AD token issuance

  • Review function logs

41. Can Managed Identity be used across subscriptions?

  • Only User-assigned identity can be shared across subscriptions with proper RBAC roles.

42. Rotating secrets or certificates?

  • With Managed Identity, no secrets are needed → rotation handled automatically.

43. Real-world enterprise scenario using Managed Identity?

  • Function reads sensitive documents from storage → stores metadata in SQL DB → all without storing credentials.

44. Difference between Azure Function and Power Automate for automation?

  • Function: complex, scalable, code-based workflows

  • Power Automate: simpler, low-code, UI-based workflows

45. Logging and monitoring best practices?

  • Use Application Insights for performance metrics, failures, and telemetry

46. Example of Event Grid Trigger usage?

  • Trigger function when new blob uploaded → process or notify

47. Using Service Bus with Functions?

  • Trigger function on queue messages → scalable, asynchronous processing

48. Blob trigger vs HTTP trigger?

  • Blob Trigger: runs automatically on blob change

  • HTTP Trigger: runs when called via HTTP request

49. Durable Function orchestration steps?

  • Orchestrator function calls activity functions → maintains state → retries and timing handled

50. Scaling Functions for high volume?

  • Use Consumption or Premium Plan, asynchronous triggers, queue/message-based scaling, monitor metrics

Posted by at

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)