Home > Vendors > microsoft > az-2001

Share

AZ-2001 - Implement security through a pipeline using Azure DevOps

This learning path helps you prepare for the Implement security through a pipeline assessment using Azure DevOps. Learn how to configure and secure Azure Pipelines. You'll also get opportunities to practice hands-on skills. These skills include configuring secure access to pipeline resources, configuring, and validating permissions, configuring a project and repository structure, extending a pipeline, configuring pipelines to use variables and parameters securely, and managing identity for projects, pipelines, and agents.

Duration: 1.0 day

Enquire Now

Start learning today!

Click Hereto customize your Training

Objectives

  • Separate a project into team projects and repositories.
  • Separate secure files between projects.
  • Move the security repository away from a project.
  • Assign project and repository permissions.
  • Organize a project and repository structure.
  • Identify and mitigate common security threats.
  • Configure pipeline access to specific agent pools.
  • Manage secret variables and variable groups.
  • Secure files and storage.
  • Configure service connections.
  • Manage environments.
  • Secure repositories.
  • Configure a Microsoft-hosted pool.
  • Configure agents for projects.
  • Configure agent identities.
  • Configure the scope of a service connection.
  • Convert to a managed identity in Azure DevOps.
  • Configure and validate user permissions.
  • Configure and validate pipeline permissions.
  • Configure and validate approval and branch checks.
  • Manage and audit permissions in Azure DevOps.
  • Create nested templates.
  • Rewrite the main deployment pipeline.
  • Configure the pipeline and the application to use tokenization.
  • Remove plain text secrets.
  • Restrict agent logging.
  • Identify and conditionally remove script tasks in Azure DevOps.
  • Configure pipeline access to packages.
  • Configure credential secrets, and secrets for services.
  • Ensure that the secrets are in the Azure Key Vault.
  • Ensure that secrets aren't in the logs.
  • Ensure that parameters and variables retain their type.
  • Identify and restrict insecure use of parameters and variables.
  • Move parameters into a YAML file that protects their type.
  • Limit variables that can be set at queue time.
  • Validate that mandatory variables are present and set correctly in Azure DevOps.

Content

1. Configure a project and repository structure to support secure pipelines

This module is designed to help learners understand the importance of configuring a secure project and repository structure to support pipelines in Azure DevOps. The module covers fundamental concepts and best practices for organizing the project and repository structure and moving the security repository away from the application project.

Click here to know more

2. Configure secure access to pipeline resources

This module is designed to help learners understand the importance of pipeline security and how to secure pipeline resources using Azure DevOps. The module covers fundamental concepts and best practices for secure agent pools, secret variables, files and storage, service connections, environments, and repositories.

Click here to know more

3. Manage identity for projects, pipelines, and agents

This module is designed to help learners understand the importance of managing identity for projects, pipelines, and agents in Azure DevOps. The module covers fundamental concepts and best practices for configuring a Microsoft-hosted pool, configuring agents for projects, configuring agent identities, configuring the scope of a service connection, and converting to a managed identity.

Click here to know more

4. Configure and validate permissions

This module covers fundamental concepts and best practices for configuring and validating user permissions, pipeline permissions, approval and branch checks, and auditing and managing permissions.

Click here to know more

5. Extend a pipeline to use multiple templates

This module is designed to help learners understand the importance of extending a pipeline to multiple templates and how to do it using Azure DevOps. The module covers fundamental concepts and best practices for creating nested templates, rewriting the main deployment pipeline, configuring the pipeline and the application to use tokenization, removing plain text secrets, restricting agent logging, and identifying and conditionally removing script tasks.

Click here to know more

6. Configure secure access to Azure Repos from pipelines

This module is designed to help learners understand the importance of securing access to Azure Repos from pipelines and how to do it using Azure DevOps. The module covers fundamental concepts and best practices for securing access to packages, credential secrets, secrets for services, and Azure Key Vault.

Click here to know more

7. Configure pipelines to securely use variables and parameters

This module is designed to help learners understand the importance of configuring pipelines to use variables and parameters securely in Azure DevOps. The module covers fundamental concepts and best practices for ensuring that parameters and variables retain their type, identifying and restricting insecure use of parameters and variables, moving parameters into a YAML file that protects their type, limiting variables that can be set at queue time, and validating that mandatory variables are present and set correctly.

Click here to know more

Audience

N/A

Prerequisites

  • An Azure Subscription. You need to bring your own subscription.
  • Basic knowledge of Azure DevOps.
  • Basic knowledge of security concepts like identities and permissions.
  • Experience using the Azure portal to create resources like Azure Key Vault and set permissions.

Certification

product-certification

Course Benefits

product-benefits
  • Career growth
  • Broad Career opportunities
  • Worldwide recognition from leaders
  • Up-to Date technical skills
  • Popular Certification Badges

Microsoft Popular Courses

ms-700t00

The Managing Microsoft Teams course is designed for those aspiring to be Microsoft 365 Teams Administrators to deploy, configure and manage Office 365 workloads

az-900t00

This course is a high-level overview of Azure. The course will provide foundational level knowledge of cloud services and how those services are provided with M

sc-900t00

This course provides foundational level knowledge on security, compliance, and identity concepts and related cloud-based Microsoft solutions.

mb-335t00

MB-335T00 is a course code that refers to a specific training program or course offered by Microsoft. Unfortunately, as of my knowledge cutoff in September 2021
Enquire Now
EwveHj
By clicking "Submit", I agree to the Terms Of Use and Privacy Policy