Azure: Security Best Practices (AZ-204)

Learn how to secure your apps by leveraging key Azure tools and best practices. This course can also prepare you for the Developing Solutions for Microsoft Azure (AZ-203) exam.

Introduction

• Why security matters for developers
• What you should know

1. Control access to Azure

• Azure Role Based Access Control (RBAC)
• Grant role based access to a user
• Azure RBAC roles for development
• The contributor role
• The User Access Administrator and Owner roles
• Custom Azure RBAC roles
• Create custom Azure RBAC roles
• Management pane vs data pane RBAC roles
• Challenge: Design Azure access control
• Solution: Design Azure access control design

2. Control user access to your apps

• Register an application to Azure AD
• Web application sign in with Azure AD
• Securing web application authentication with Azure AD Conditional Access
• The Microsoft Authentication Library
• Challenge: Internal web app with Azure AD
• Solution: Internal web application with Azure AD

3. Control app access to your data

• Manage Azure application secrets
• Shared Access Signatures in Azure
• Azure Key Vault service
• Adding secrets to an Azure Key Vault
• Azure Key Vault Access Policies
• Audit logs
• Managed Identity for Azure Resources
• Challenge: Design data access controls
• Solution: Design data access controls

Conclusion

• Developing solutions for Azure and beyond