Course Catalog
Implement security through a pipeline using Azure DevOps (AZ-2001)
Code: AZ-2001
Duration: 1 Day
$795 USD

OVERVIEW

This learning path helps you prepare for the Implement security through a pipeline assessment using Azure DevOps. Learn how to configure and secure Azure Pipelines. You'll also get opportunities to practice hands-on skills. These skills include configuring secure access to pipeline resources, configuring, and validating permissions, configuring a project and repository structure, extending a pipeline, configuring pipelines to use variables and parameters securely, and managing identity for projects, pipelines, and agents.

DELIVERY FORMAT

This course is available in the following formats:

Virtual Classroom

Duration: 1 Day
Classroom

Duration: 1 Day

CLASS SCHEDULE

Delivery Format: Virtual Classroom
Date: Aug 03 2026 - Aug 03 2026 | 09:00 - 17:00 EDT
Location: Online
Course Length: 1 Day

$ 795

Delivery Format: Virtual Classroom
Date: Nov 13 2026 - Nov 13 2026 | 09:00 - 17:00 EST
Location: Online
Course Length: 1 Day

$ 795

Delivery Format: Virtual Classroom
Date: Oct 05 2026 - Oct 05 2026 | 09:00 - 17:00 EDT
Location: Online
Course Length: 1 Day

$ 795

GOALS

Students will learn to,

  • Configure a project and repository structure to support secure pipelines
  • Configure secure access to pipeline resources
  • Manage identity for projects, pipelines, and agents
  • Configure and validate permissions
  • Extend a pipeline to use multiple templates
  • Configure secure access to Azure Repos from pipelines
  • Configure pipelines to securely use variables and parameters
OUTLINE

Module 1: Configure a project and repository structure to support secure pipelines

  • Separate a project into team projects and repositories.
  • Separate secure files between projects.
  • Move the security repository away from a project.
  • Assign project and repository permissions.
  • Organize a project and repository structure.

Module 2: Configure secure access to pipeline resources

  • Identify and mitigate common security threats.
  • Configure pipeline access to specific agent pools.
  • Manage secret variables and variable groups.
  • Secure files and storage.
  • Configure service connections.
  • Manage environments.
  • Secure repositories.

Module 3: Manage identity for projects, pipelines, and agents

  • Configure a Microsoft-hosted pool.
  • Configure agents for projects.
  • Configure agent identities.
  • Configure the scope of a service connection.
  • Convert to a managed identity in Azure DevOps.

Module 4: Configure and validate permissions

  • Configure and validate user permissions.
  • Configure and validate pipeline permissions.
  • Configure and validate approval and branch checks.
  • Manage and audit permissions in Azure DevOps.

Module 5: Extend a pipeline to use multiple templates

  • Create nested templates.
  • Rewrite the main deployment pipeline.
  • Configure the pipeline and the application to use tokenization.
  • Remove plain text secrets.
  • Restrict agent logging.
  • Identify and conditionally remove script tasks in Azure DevOps.

Module 6: Configure secure access to Azure Repos from pipelines

  • Configure pipeline access to packages.
  • Configure credential secrets, and secrets for services.
  • Ensure that the secrets are in the Azure Key Vault.
  • Ensure that secrets aren't in the logs.

Module 7: Configure pipelines to securely use variables and parameters

  • Ensure that parameters and variables retain their type.
  • Identify and restrict insecure use of parameters and variables.
  • Move parameters into a YAML file that protects their type.
  • Limit variables that can be set at queue time.
  • Validate that mandatory variables are present and set correctly in Azure DevOps.

Module 1: Configure a project and repository structure to support secure pipelines

  • Separate a project into team projects and repositories.
  • Separate secure files between projects.
  • Move the security repository away from a project.
  • Assign project and repository permissions.
  • Organize a project and repository structure.

Module 2: Configure secure access to pipeline resources

  • Identify and mitigate common security threats.
  • Configure pipeline access to specific agent pools.
  • Manage secret variables and variable groups.
  • Secure files and storage.
  • Configure service connections.
  • Manage environments.
  • Secure repositories.

Module 3: Manage identity for projects, pipelines, and agents

  • Configure a Microsoft-hosted pool.
  • Configure agents for projects.
  • Configure agent identities.
  • Configure the scope of a service connection.
  • Convert to a managed identity in Azure DevOps.

Module 4: Configure and validate permissions

  • Configure and validate user permissions.
  • Configure and validate pipeline permissions.
  • Configure and validate approval and branch checks.
  • Manage and audit permissions in Azure DevOps.

Module 5: Extend a pipeline to use multiple templates

  • Create nested templates.
  • Rewrite the main deployment pipeline.
  • Configure the pipeline and the application to use tokenization.
  • Remove plain text secrets.
  • Restrict agent logging.
  • Identify and conditionally remove script tasks in Azure DevOps.

Module 6: Configure secure access to Azure Repos from pipelines

  • Configure pipeline access to packages.
  • Configure credential secrets, and secrets for services.
  • Ensure that the secrets are in the Azure Key Vault.
  • Ensure that secrets aren't in the logs.

Module 7: Configure pipelines to securely use variables and parameters

  • Ensure that parameters and variables retain their type.
  • Identify and restrict insecure use of parameters and variables.
  • Move parameters into a YAML file that protects their type.
  • Limit variables that can be set at queue time.
  • Validate that mandatory variables are present and set correctly in Azure DevOps.
LABS

Will Be Updated Soon!
Will Be Updated Soon!
WHO SHOULD ATTEND

This course is designed for students who are planning to take the Implement security through a pipeline using Azure DevOps assessment, or students who are performing Azure DevOps and Azure Pipelines secure tasks in their day-to-day job.

PREREQUISITES

Students should have,

  • An Azure Subscription. You need to bring your own subscription.
  • Basic knowledge of Azure DevOps.
  • Basic knowledge of security concepts like identities and permissions.
  • Experience using the Azure portal to create resources like Azure Key Vault and set permissions.