|
Implement security through a pipeline using Azure DevOps (AZ-2001)
Code:
AZ-2001
Duration:
1 Day
|
$795
USD
|
This learning path helps you prepare for the Implement security through a pipeline assessment using Azure DevOps. Learn how to configure and secure Azure Pipelines. You'll also get opportunities to practice hands-on skills. These skills include configuring secure access to pipeline resources, configuring, and validating permissions, configuring a project and repository structure, extending a pipeline, configuring pipelines to use variables and parameters securely, and managing identity for projects, pipelines, and agents.
This course is available in the following formats:
Duration: 1 Day
Duration: 1 Day
|
Delivery Format: Virtual Classroom
|
$ 795 |
|
|
Delivery Format: Virtual Classroom
|
$ 795 |
|
|
Delivery Format: Virtual Classroom
|
$ 795 |
Students will learn to,
- Configure a project and repository structure to support secure pipelines
- Configure secure access to pipeline resources
- Manage identity for projects, pipelines, and agents
- Configure and validate permissions
- Extend a pipeline to use multiple templates
- Configure secure access to Azure Repos from pipelines
- Configure pipelines to securely use variables and parameters
Module 1: Configure a project and repository structure to support secure pipelines
- Separate a project into team projects and repositories.
- Separate secure files between projects.
- Move the security repository away from a project.
- Assign project and repository permissions.
- Organize a project and repository structure.
Module 2: Configure secure access to pipeline resources
- Identify and mitigate common security threats.
- Configure pipeline access to specific agent pools.
- Manage secret variables and variable groups.
- Secure files and storage.
- Configure service connections.
- Manage environments.
- Secure repositories.
Module 3: Manage identity for projects, pipelines, and agents
- Configure a Microsoft-hosted pool.
- Configure agents for projects.
- Configure agent identities.
- Configure the scope of a service connection.
- Convert to a managed identity in Azure DevOps.
Module 4: Configure and validate permissions
- Configure and validate user permissions.
- Configure and validate pipeline permissions.
- Configure and validate approval and branch checks.
- Manage and audit permissions in Azure DevOps.
Module 5: Extend a pipeline to use multiple templates
- Create nested templates.
- Rewrite the main deployment pipeline.
- Configure the pipeline and the application to use tokenization.
- Remove plain text secrets.
- Restrict agent logging.
- Identify and conditionally remove script tasks in Azure DevOps.
Module 6: Configure secure access to Azure Repos from pipelines
- Configure pipeline access to packages.
- Configure credential secrets, and secrets for services.
- Ensure that the secrets are in the Azure Key Vault.
- Ensure that secrets aren't in the logs.
Module 7: Configure pipelines to securely use variables and parameters
- Ensure that parameters and variables retain their type.
- Identify and restrict insecure use of parameters and variables.
- Move parameters into a YAML file that protects their type.
- Limit variables that can be set at queue time.
- Validate that mandatory variables are present and set correctly in Azure DevOps.
Module 1: Configure a project and repository structure to support secure pipelines
- Separate a project into team projects and repositories.
- Separate secure files between projects.
- Move the security repository away from a project.
- Assign project and repository permissions.
- Organize a project and repository structure.
Module 2: Configure secure access to pipeline resources
- Identify and mitigate common security threats.
- Configure pipeline access to specific agent pools.
- Manage secret variables and variable groups.
- Secure files and storage.
- Configure service connections.
- Manage environments.
- Secure repositories.
Module 3: Manage identity for projects, pipelines, and agents
- Configure a Microsoft-hosted pool.
- Configure agents for projects.
- Configure agent identities.
- Configure the scope of a service connection.
- Convert to a managed identity in Azure DevOps.
Module 4: Configure and validate permissions
- Configure and validate user permissions.
- Configure and validate pipeline permissions.
- Configure and validate approval and branch checks.
- Manage and audit permissions in Azure DevOps.
Module 5: Extend a pipeline to use multiple templates
- Create nested templates.
- Rewrite the main deployment pipeline.
- Configure the pipeline and the application to use tokenization.
- Remove plain text secrets.
- Restrict agent logging.
- Identify and conditionally remove script tasks in Azure DevOps.
Module 6: Configure secure access to Azure Repos from pipelines
- Configure pipeline access to packages.
- Configure credential secrets, and secrets for services.
- Ensure that the secrets are in the Azure Key Vault.
- Ensure that secrets aren't in the logs.
Module 7: Configure pipelines to securely use variables and parameters
- Ensure that parameters and variables retain their type.
- Identify and restrict insecure use of parameters and variables.
- Move parameters into a YAML file that protects their type.
- Limit variables that can be set at queue time.
- Validate that mandatory variables are present and set correctly in Azure DevOps.
This course is designed for students who are planning to take the Implement security through a pipeline using Azure DevOps assessment, or students who are performing Azure DevOps and Azure Pipelines secure tasks in their day-to-day job.