Training: Implement security through a pipeline using Azure DevOps (AZ-2001)

Ref. AZ-2001

Download PDF

Duration:

1

day

Exam:

Not certifying

Level:

Intermediate

Funding:

Eligible

Home > Trainings > IT Pro > Implement security through a pipeline using Azure DevOps (AZ-2001)

Implement security through a pipeline using Azure DevOps (AZ-2001)

Enhance the Security of Your DevOps Pipelines with Azure

Securing pipelines is essential to ensuring the integrity and reliability of deployments in a cloud environment. With our AZ-2001 training, you will learn how to implement security within a DevOps pipeline. This structured course guides you step by step through configuring Azure Pipelines, managing access, and securing repositories.

A Comprehensive Training to Master Pipeline Security

Through detailed modules and hands-on exercises, you will learn how to set up secure repositories, manage identities, and strengthen access to critical resources. This program will help you master the use of Azure DevOps, Azure Repos, and Azure Artifacts, while applying best practices in cybersecurity.

Participant Profiles

Security operations analysts
Cloud solutions architects
DevOps engineers
Developers specializing in secure deployment
System administrators working on Azure

Objectives

Configure a secure project and repository structure
Manage secure access to pipeline resources
Implement identity strategies and permission management
Establish advanced permissions for users and pipelines
Extend a pipeline by applying secure templates
Restrict access to Azure Repos and manage secrets
Secure the use of variables and parameters in pipelines

Prerequisites

Basic knowledge of Azure DevOps and pipeline concepts
Understanding of security principles (identities, permissions, and authentication)
Experience with the Azure portal and cloud resource management

Course Content

Module 1: Configure a Secure Project and Repository Structure

Organize project and repository structure
Configure secure projects and repositories
Move security repository away from the application project

Module 2: Configure Secure Access to Pipeline Resources

Configure agent pools
Use secret variables and variable groups
Understand secure files
Configure service connections
Manage environments
Secure repositories

Module 3: Manage Identity for Projects, Pipelines, and Agents

Configure a Microsoft-hosted pool
Configure agents for projects
Configure agent identities
Configure the scope of a service connection
Understand and convert to a managed identity

Module 4: Configure and Validate Permissions

Configure and validate user permissions
Configure and validate pipeline permissions
Configure and validate approval and branch checks
Manage and audit permissions

Module 5: Extend a Pipeline to Use Multiple Templates

Create a nested template
Rewrite the main deployment pipeline
Configure the pipeline and the application to use tokenization
Remove plain text secrets
Restrict agent logging
Identify and conditionally remove script tasks

Module 6: Configure Secure Access to Azure Repos from Pipelines

Configure pipeline access to packages
Configure pipeline access to credential secrets
Configure pipeline access to secrets for services
Use Azure Key Vault to secure secrets
Explore and secure log files

Module 7: Configure Pipelines to Securely Use Variables and Parameters

Ensure parameter and variable types
Identify and restrict insecure use of parameters and variables
Move parameters into a YAML file
Limit queue time variables
Validate mandatory variables

Documentation

Access to Microsoft Learn, Microsoft’s online learning platform, offering interactive resources and educational content to deepen your knowledge and develop your technical skills.

Lab / Exercises

This course provides you with exclusive access to the official Microsoft lab, enabling you to practice your skills in a professional environment.

Complementary Courses

Eligible Funding

ITTA is a partner of a continuing education fund dedicated to temporary workers. This fund can subsidize your training, provided that you are subject to the “Service Provision” collective labor agreement (CCT) and meet certain conditions, including having worked at least 88 hours in the past 12 months.

Additional Information

Why Secure Your Pipelines with Azure DevOps?

In a DevOps environment, security is a major concern. Automated pipelines are at the heart of deployment processes, but without proper configurations, they can become entry points for malicious attacks. With the AZ-2001 training, you will learn to protect each stage of the pipeline while ensuring the integrity and reliability of your deployments.

A Comprehensive Approach to Strengthening Security

This training covers all essential aspects of securing a DevOps pipeline. You will learn to organize and structure your projects with Azure Repos, configure advanced permissions, and protect access to critical resources. By mastering these best practices, you can prevent sensitive data leaks and ensure compliance with cybersecurity standards.

Manage Identities and Permissions with Precision

A secure pipeline relies primarily on strict identity and permission management. You will discover how to configure agent identities, assign specific roles to users, and apply access restrictions based on strict policies. The use of managed identities helps automate access management while reducing risks associated with storing credentials in plain text.

Protecting Secrets and Sensitive Data

Sensitive information, such as API keys and passwords, should never be exposed in source code or configuration files. Through this training, you will learn how to securely store and manage these secrets using Azure Key Vault. You will also see how to configure secure service connections and limit the exposure of critical information.

Optimizing Pipelines with Secure Templates

Creating and using templates in Azure Pipelines allows you to standardize processes while enforcing strict security rules. You will learn to extend your pipelines by integrating nested templates and restricting the use of sensitive variables. This approach ensures consistent execution of tasks while minimizing risks associated with human errors.

Access Control and Security Audits

Proper access control is essential to prevent unauthorized modifications to pipelines and deployments. This training will help you configure advanced permissions, implement approval checks, and audit resource access. You will also learn how to monitor log files to detect potential anomalies or suspicious activities.

FAQ

Who is this training for?
This training is ideal for security operations analysts, solution architects, DevOps engineers, and anyone looking to master pipeline security on Azure.

What are the prerequisites?
A basic knowledge of Azure DevOps, security concepts (identities, permissions), and experience with the Azure portal are recommended.

What tools are covered in the training?
You will work with Azure DevOps, Azure Pipelines, Azure Repos, and Azure Key Vault to secure your deployments.

What benefits will I gain from this training?
By the end of this course, you will be able to effectively secure your pipelines, automate identity management, and protect sensitive data using DevOps best practices.

How does this training differ from other Azure DevOps courses?
It focuses specifically on pipeline security, an often-overlooked but essential aspect in modern production environments.