Course Overview
This learning path helps you prepare to implement security through a pipeline assessment using Azure DevOps. Learn how to configure and secure Azure Pipelines. You’ll also get opportunities to practice hands-on skills. These skills include configuring secure access to pipeline resources, configuring and validating permissions, configuring a project and repository structure, extending a pipeline, configuring pipelines to use variables and parameters securely, and managing identity for projects, pipelines, and agents.
Note:
You need an Azure subscription to complete the exercises. If you don’t have an Azure subscription, create a free account and add a subscription before you begin. https://azure.microsoft.com/en-us/free/?azure-portal=true
Requirements
- An Azure Subscription. You need to bring your own subscription.
- Basic knowledge of Azure DevOps.
- Basic knowledge of security concepts like identities and permissions.
- Experience using the Azure portal to create resources like Azure Key Vault and set permissions.
Curriculum
- 1 Section
- 7 Lessons
- 1 Day
Expand all sectionsCollapse all sections
- Topics7
- 1.1Configure a project and repository structure to support secure pipelines Introduction Organize project and repository structure Configure secure projects and repositories Lab – Configure a project and repository structure to support secure pipelines Knowledge check
- 1.2Configure secure access to pipeline resources Introduction Configure agent pools Use secret variables and variable groups Understand secure files Configure service connections Manage environments Secure repositories Lab – Configure agents and agent pools for secure pipelines Knowledge check
- 1.3Manage identity for projects, pipelines, and agents Introduction Configure a Microsoft-hosted pool Configure agents for projects Configure agent identities Configure the scope of a service connection Understand and convert to a Managed Identity Lab – Manage identity for projects and pipelines Knowledge check
- 1.4Configure and validate permissions Introduction Configure and validate user permissions Configure and validate pipeline permissions Configure and validate approval and branch checks Manage and audit permissions Lab – Configure and validate permissions Knowledge check
- 1.5Extend a pipeline to use multiple templates Introduction Create a nested template Rewrite the main deployment pipeline Configure the pipeline and the application to use tokenization Remove plain text secrets Restrict agent logging Identify and conditionally remove script tasks Lab – Extend a pipeline to use multiple templates Knowledge check
- 1.6Configure secure access to Azure Repos from pipelines Introduction Configure pipeline access to packages Configure pipeline access to credential secrets Configure pipeline access to secrets for services Use Azure Key Vault to secure secrets Explore and secure log files Lab – Integrate Azure Key Vault with Azure Pipelines Knowledge check
- 1.7Configure pipelines to securely use variables and parameters Introduction Ensure parameter and variable types Identify and restrict insecure use of parameters and variables Move parameters into a YAML file Limit queue time variables Validate mandatory variables Lab – Configure pipelines to securely use variables and parameters Knowledge check
Instructor
