- Course overview
- Course details
- Prerequisites
Course overview
About this course
This learning path helps you prepare for the Implement security through a pipeline assessment using Azure DevOps. Learn how to configure and secure Azure Pipelines. You'll also get opportunities to practice hands-on skills. These skills include configuring secure access to pipeline resources, configuring, and validating permissions, configuring a project and repository structure, extending a pipeline, configuring pipelines to use variables and parameters securely, and managing identity for projects, pipelines, and agents.
Audience profile
The primary audience for this course are
-
Administrator
-
Developer
-
DevOps Engineer
-
Security Engineer
-
Security Operations Analyst
-
Solution Architect
-
Student
-
Support Engineer
-
Azure Artifacts
-
Azure Cloud Services
-
Azure DevOps
-
Azure Pipelines
-
Azure Repos
Course details
Module 1: Configure a project and repository structure to support secure pipelines
- Separate a project into team projects and repositories.
- Separate secure files between projects.
- Move the security repository away from a project.
- Assign project and repository permissions.
- Organize a project and repository structure.
Module 2: Configure secure access to pipeline resources
- Identify and mitigate common security threats.
- Configure pipeline access to specific agent pools.
- Manage secret variables and variable groups.
- Secure files and storage.
- Configure service connections.
- Manage environments.
- Secure repositories.
Module 3: Manage identity for projects, pipelines, and agents
- Configure a Microsoft-hosted pool.
- Configure agents for projects.
- Configure agent identities.
- Configure the scope of a service connection.
- Convert to a managed identity in Azure DevOps.
Module 4: Configure and validate permissions
- Configure and validate user permissions.
- Configure and validate pipeline permissions.
- Configure and validate approval and branch checks.
- Manage and audit permissions in Azure DevOps.
Module 5: Extend a pipeline to use multiple templates
- Create nested templates.
- Rewrite the main deployment pipeline.
- Configure the pipeline and the application to use tokenization.
- Remove plain text secrets.
- Restrict agent logging.
- Identify and conditionally remove script tasks in Azure DevOps.
Module 6: Configure secure access to Azure Repos from pipelines
- Configure pipeline access to packages.
- Configure credential secrets, and secrets for services.
- Ensure that the secrets are in the Azure Key Vault.
- Ensure that secrets aren't in the logs.
Module 7: Configure pipelines to securely use variables and parameters
- Ensure that parameters and variables retain their type.
- Identify and restrict insecure use of parameters and variables.
- Move parameters into a YAML file that protects their type.
- Limit variables that can be set at queue time.
- Validate that mandatory variables are present and set correctly in Azure DevOps.
Prerequisites
- An Azure Subscription. You need to bring your own subscription.
- Basic knowledge of Azure DevOps.
- Basic knowledge of security concepts like identities and permissions.
- Experience using the Azure portal to create resources like Azure Key Vault and set permissions.
Enquiry
Course : AZ-2001: Implement security through a pipeline using Azure DevOps
Enquiry
request for : AZ-2001: Implement security through a pipeline using Azure DevOps
