Implementing applications with Microsoft Azure can be exciting and easy. However, making sure that all the best security practices are in place can be challenging, especially from a developer perspective.
This advisory offer was created for the software development teams, architects, and cloud specialists who would like to learn more about implementing Azure cloud applications using security best practices. You will gain the skills and knowledge to effectively implement and secure application solutions in Microsoft Azure cloud and understand some important challenges.
You will explore the challenges with security when implementing cloud applications, including access to secrets and credentials, network security and isolation, and communication between different components having authentication and authorization in mind.
You will learn about the concepts for user authentication and authorization. We will explore how to secure access to applications with Microsoft Entra External ID and how to securely access web APIs hosted in Microsoft Azure cloud.
You will learn how to securely communicate between two Web APIs. You will understand how to use Client Credentials Flow to obtain access tokens and call Microsoft Graph API in context of application.
You will discover the concepts of Managed Identities and Role Based Access Control (RBAC). You will learn how to enable Managed Identities, assign them specific roles to securely access Azure services without storing credentials in the source code of an application.
You will explore how to use Managed Identities and RBAC to securely access secrets stored in an Azure Key Vault.
You will understand how to store and access application configuration in a central place which is Azure App Configuration. You will discover how to securely read configuration from the application without storing any credentials in the source code.
You will learn how to use Azure API Management service to secure access to your Web APIs. We will explore how to define policies in Azure API Management to validate requests before they reach Web APIs.
You will discover different options to secure access to Azure SQL database. You will learn how to properly configure access from the application to Azure SQL database using Managed Identities and Microsoft Entra ID.
You will discover concepts on how to securely establish connection between Azure DevOps and Azure subscriptions using Workload Identity Federation. You will learn how to eliminate the need to use any secrets in Azure DevOps to securely deploy code to Azure cloud.
This video includes the preview of the content used in this advisory package.
With this advisory we are going to use real application scenario to make it easier to understand how different services work together and how to properly secure communication between them.
* Source code of the application is not delivered as a part of this advisory package.