Class Central is learner-supported. When you buy through links on our site, we may earn an affiliate commission.

Microsoft

Implement security through a pipeline using Azure DevOps

Microsoft via Microsoft Learn

Go to class Write review
CodeSignal Ad

Free AI-powered learning to build in-demand skills

Learn More → Coursera Ad

Gain a Splash of New Skills - Coursera+ Annual Just ₹7,999

Learn More →

Overview

Coursera Flash Sale
40% Off Coursera Plus for 3 Months!
Grab it
  • Configure a project and repository structure to support secure pipelines.

    In this module, you practice how to:

    • Separate a project into team projects and repositories.
    • Separate secure files between projects.
    • Move the security repository away from a project.
    • Assign project and repository permissions.
    • Organize a project and repository structure.
  • Configure secure access to pipeline resources.

    In this module, you practice how to:

    • Identify and mitigate common security threats.
    • Configure pipeline access to specific agent pools.
    • Manage secret variables and variable groups.
    • Secure files and storage.
    • Configure service connections.
    • Manage environments.
    • Secure repositories.
  • Manage identity for projects, pipelines, and agents.

    In this module, you practice how to:

    • Configure a Microsoft-hosted pool.
    • Configure agents for projects.
    • Configure agent identities.
    • Configure the scope of a service connection.
    • Convert to a managed identity in Azure DevOps.
  • Configure and validate permissions.

    In this module, you practice how to:

    • Configure and validate user permissions.
    • Configure and validate pipeline permissions.
    • Configure and validate approval and branch checks.
    • Manage and audit permissions in Azure DevOps.
  • Fundamental concepts and best practices for creating nested templates.

    In this module, you practice how to:

    • Create nested templates.
    • Rewrite the main deployment pipeline.
    • Configure the pipeline and the application to use tokenization.
    • Remove plain text secrets.
    • Restrict agent logging.
    • Identify and conditionally remove script tasks in Azure DevOps.
  • Configure secure access to Azure Repos from pipelines.

    In this module, you practice how to:

    • Configure pipeline access to packages.
    • Configure credential secrets, and secrets for services.
    • Ensure that the secrets are in the Azure Key Vault.
    • Ensure that secrets aren't in the logs.
  • This module is designed to help learners understand the importance of configuring pipelines to use variables and parameters securely in Azure DevOps.

    In this module, you practice how to:

    • Ensure that parameters and variables retain their type.
    • Identify and restrict insecure use of parameters and variables.
    • Move parameters into a YAML file that protects their type.
    • Limit variables that can be set at queue time.
    • Validate that mandatory variables are present and set correctly in Azure DevOps.

Syllabus

  • Configure a project and repository structure to support secure pipelines
    • Introduction
    • Organize project and repository structure
    • Configure secure projects and repositories
    • Lab - Configure a project and repository structure to support secure pipelines
    • Module assessment
    • Summary
  • Configure secure access to pipeline resources
    • Introduction
    • Configure agent pools
    • Use secret variables and variable groups
    • Understand secure files
    • Configure service connections
    • Manage environments
    • Secure repositories
    • Lab - Configure agents and agent pools for secure pipelines
    • Module assessment
    • Summary
  • Manage identity for projects, pipelines, and agents
    • Introduction
    • Configure a Microsoft-hosted pool
    • Configure agents for projects
    • Configure agent identities
    • Configure the scope of a service connection
    • Understand and convert to a Managed Identity
    • Lab - Manage identity for projects and pipelines
    • Module assessment
    • Summary
  • Configure and validate permissions
    • Introduction
    • Configure and validate user permissions
    • Configure and validate pipeline permissions
    • Configure and validate approval and branch checks
    • Manage and audit permissions
    • Lab - Configure and validate permissions
    • Module assessment
    • Summary
  • Extend a pipeline to use multiple templates
    • Introduction
    • Create a nested template
    • Rewrite the main deployment pipeline
    • Configure the pipeline and the application to use tokenization
    • Remove plain text secrets
    • Restrict agent logging
    • Identify and conditionally remove script tasks
    • Lab - Extend a pipeline to use multiple templates
    • Module assessment
    • Summary
  • Configure secure access to Azure Repos from pipelines
    • Introduction
    • Configure pipeline access to packages
    • Configure pipeline access to credential secrets
    • Configure pipeline access to secrets for services
    • Use Azure Key Vault to secure secrets
    • Explore and secure log files
    • Lab - Integrate Azure Key Vault with Azure Pipelines
    • Module assessment
    • Summary
  • Configure pipelines to securely use variables and parameters
    • Introduction
    • Ensure parameter and variable types
    • Identify and restrict insecure use of parameters and variables
    • Move parameters into a YAML file
    • Limit queue time variables
    • Validate mandatory variables
    • Lab - Configure pipelines to securely use variables and parameters
    • Module assessment
    • Summary

Tags

Reviews

Start your review of Implement security through a pipeline using Azure DevOps

Go to class

Never Stop Learning.

Get personalized course recommendations, track subjects and courses with reminders, and more.

Sign up for free
Someone learning on their laptop while sitting on the floor.