Course Overview
Implement security through a pipeline using Azure DevOps
Prerequisites
- An Azure Subscription. You need to bring your own subscription.
- Basic knowledge of Azure DevOps.
- Basic knowledge of security concepts like identities and permissions.
- Experience using the Azure portal to create resources like Azure Key Vault and set permissions.
Course Content
Configure a project and repository structure to support secure pipelines
- Introduction
- Organize project and repository structure
- Configure secure projects and repositories
- Lab - Configure a project and repository structure to support secure pipelines
- Module assessment
- Summary
Configure secure access to pipeline resources
- Introduction
- Configure agent pools
- Use secret variables and variable groups
- Understand secure files
- Configure service connections
- Manage environments
- Secure repositories
- Lab - Configure agents and agent pools for secure pipelines
- Module assessment
- Summary
Manage identity for projects, pipelines, and agents
- Introduction
- Configure a Microsoft-hosted pool
- Configure agents for projects
- Configure agent identities
- Configure the scope of a service connection
- Understand and convert to a Managed Identity
- Lab - Manage identity for projects and pipelines
- Module assessment
- Summary
Configure and validate permissions
- Introduction
- Configure and validate user permissions
- Configure and validate pipeline permissions
- Configure and validate approval and branch checks
- Manage and audit permissions
- Lab - Configure and validate permissions
- Module assessment
- Summary
Extend a pipeline to use multiple templates
- Introduction
- Create a nested template
- Rewrite the main deployment pipeline
- Configure the pipeline and the application to use tokenization
- Remove plain text secrets
- Restrict agent logging
- Identify and conditionally remove script tasks
- Lab - Extend a pipeline to use multiple templates
- Module assessment
- Summary
Configure secure access to Azure Repos from pipelines
- Introduction
- Configure pipeline access to packages
- Configure pipeline access to credential secrets
- Configure pipeline access to secrets for services
- Use Azure Key Vault to secure secrets
- Explore and secure log files
- Lab - Integrate Azure Key Vault with Azure Pipelines
- Module assessment
- Summary
Configure pipelines to securely use variables and parameters
- Introduction
- Ensure parameter and variable types
- Identify and restrict insecure use of parameters and variables
- Move parameters into a YAML file
- Limit queue time variables
- Validate mandatory variables
- Lab - Configure pipelines to securely use variables and parameters
- Module assessment
- Summary