Class Central is learner-supported. When you buy through links on our site, we may earn an affiliate commission.

Microsoft

Implement security through a pipeline using Azure DevOps

Microsoft via Microsoft Learn

Overview

  • Module 1: Configure a project and repository structure to support secure pipelines.

    In this module, you practice how to:

    • Separate a project into team projects and repositories.
    • Separate secure files between projects.
    • Move the security repository away from a project.
    • Assign project and repository permissions.
    • Organize a project and repository structure.
  • Module 2: Manage identity for projects, pipelines, and agents.

    In this module, you practice how to:

    • Configure a Microsoft-hosted pool.
    • Configure agents for projects.
    • Configure agent identities.
    • Configure the scope of a service connection.
    • Convert to a managed identity in Azure DevOps.
  • Module 3: Configure secure access to pipeline resources.

    In this module, you practice how to:

    • Identify and mitigate common security threats.
    • Configure pipeline access to specific agent pools.
    • Manage secret variables and variable groups.
    • Secure files and storage.
    • Configure service connections.
    • Manage environments.
    • Secure repositories.
  • Module 4: Configure and validate permissions.

    In this module, you practice how to:

    • Configure and validate user permissions.
    • Configure and validate pipeline permissions.
    • Configure and validate approval and branch checks.
    • Manage and audit permissions in Azure DevOps.
  • Module 5: Fundamental concepts and best practices for creating nested templates.

    In this module, you practice how to:

    • Create nested templates.
    • Rewrite the main deployment pipeline.
    • Configure the pipeline and the application to use tokenization.
    • Remove plain text secrets.
    • Restrict agent logging.
    • Identify and conditionally remove script tasks in Azure DevOps.
  • Module 6: Configure secure access to Azure Repos from pipelines.

    In this module, you practice how to:

    • Configure pipeline access to packages.
    • Configure credential secrets, and secrets for services.
    • Ensure that the secrets are in the Azure Key Vault.
    • Ensure that secrets aren't in the logs.
  • Module 7: This module is designed to help learners understand the importance of configuring pipelines to use variables and parameters securely in Azure DevOps.

    In this module, you practice how to:

    • Ensure that parameters and variables retain their type.
    • Identify and restrict insecure use of parameters and variables.
    • Move parameters into a YAML file that protects their type.
    • Limit variables that can be set at queue time.
    • Validate that mandatory variables are present and set correctly in Azure DevOps.

Syllabus

  • Module 1: Module 1: Configure a project and repository structure to support secure pipelines
    • Introduction
    • Organize project and repository structure
    • Configure secure projects and repositories
    • Lab - Configure a project and repository structure to support secure pipelines
    • Knowledge check
    • Summary
  • Module 2: Module 2: Manage identity for projects, pipelines, and agents
    • Introduction
    • Configure a Microsoft-hosted pool
    • Configure agents for projects
    • Configure agent identities
    • Configure the scope of a service connection
    • Understand and convert to a Managed Identity
    • Lab - Manage identity for projects and pipelines
    • Knowledge check
    • Summary
  • Module 3: Module 3: Configure secure access to pipeline resources
    • Introduction
    • Configure agent pools
    • Use secret variables and variable groups
    • Understand secure files
    • Configure service connections
    • Manage environments
    • Secure repositories
    • Lab - Configure agents and agent pools for secure pipelines
    • Knowledge check
    • Summary
  • Module 4: Module 4: Configure and validate permissions
    • Introduction
    • Configure and validate user permissions
    • Configure and validate pipeline permissions
    • Configure and validate approval and branch checks
    • Manage and audit permissions
    • Lab - Configure and validate permissions
    • Knowledge check
    • Summary
  • Module 5: Module 5: Extend a pipeline to use multiple templates
    • Introduction
    • Create a nested template
    • Rewrite the main deployment pipeline
    • Configure the pipeline and the application to use tokenization
    • Remove plain text secrets
    • Restrict agent logging
    • Identify and conditionally remove script tasks
    • Lab - Extend a pipeline to use multiple templates
    • Knowledge check
    • Summary
  • Module 6: Module 6: Configure secure access to Azure Repos from pipelines
    • Introduction
    • Configure pipeline access to packages
    • Configure pipeline access to credential secrets
    • Configure pipeline access to secrets for services
    • Use Azure Key Vault to secure secrets
    • Explore and secure log files
    • Lab - Integrate Azure Key Vault with Azure Pipelines
    • Knowledge check
    • Summary
  • Module 7: Module 7: Configure pipelines to securely use variables and parameters
    • Introduction
    • Ensure parameter and variable types
    • Identify and restrict insecure use of parameters and variables
    • Move parameters into a YAML file
    • Limit queue time variables
    • Validate mandatory variables
    • Lab - Configure pipelines to securely use variables and parameters
    • Knowledge check
    • Summary

Reviews

Start your review of Implement security through a pipeline using Azure DevOps

Never Stop Learning.

Get personalized course recommendations, track subjects and courses with reminders, and more.

Someone learning on their laptop while sitting on the floor.