Azure for Developers: Security Best Practices

Azure for Developers: Security Best Practices
Azure for Developers: Security Best Practices
English | MP4 | AVC 1280×720 | AAC 48KHz 2ch | 1h 12m | 186 MB

With the rise of cloud computing, and especially platform as a service (PaaS) solutions, developer productivity has reached new heights. A single developer can now be responsible for the design and even configuration of databases, web servers, and application deployment. But with this new power comes a new set of security concerns. In this course, learn how to secure your applications by leveraging key Azure tools and best practices. This course can also prepare you for the Implement Azure security portion of the Developing Solutions for Microsoft Azure (AZ-203) exam. Instructor Karl Ots covers how to control access to the Azure development environment, securely authenticate end users, and securely connect application logic to Azure data services.

Topics include:

  • Controlling user access to Azure
  • Securing application sign-in with multi-factor authentication
  • Managing Azure application secrets
  • Managing secrets with Azure Key Vault
  • Managed identity for Azure resources
  • Securing access to Azure Storage
Table of Contents

1 Why security matters for developers
2 What you should know
3 Azure role-based access control (RBAC)
4 Grant role-based access to a user
5 Azure RBAC roles for development
6 The Contributor role
7 The User Access Administrator and Owner roles
8 Custom Azure RBAC roles
9 Create custom Azure RBAC roles
10 Management pane vs. data pane RBAC roles
11 Challenge Design Azure access control
12 Solution Design Azure access control
13 Register an application to Azure Active Directory (Azure AD)
14 Web application sign-in with Azure AD
15 Securing web application authentication with Azure AD Conditional Access
16 The Microsoft Authentication Library (MSAL)
17 Challenge Internal web application with Azure AD
18 Solution Internal web application with Azure AD
19 Manage Azure application secrets
20 Shared access signatures (SAS) in Azure
21 Azure Key Vault service
22 Adding secrets to an Azure Key Vault
23 Azure Key Vault access policies
24 Azure Key Vault audit logs
25 Managed identity for Azure resources
26 Challenge Design data access controls
27 Solution Design data access controls
28 Exam AZ-203 Developing Solutions for Microsoft Azure and beyond