This is an example of a simple banner
☀️ It's summer at ITTA! Enjoy a 10% discount until July 31st on a selection of courses 🌴 ×

Training: Implement security through a pipeline using Azure DevOps (AZ-2001)

Ref. AZ-2001
Duration:
1
 day
Exam:
Optional
Level:
Intermediate

Implement security through a pipeline using Azure DevOps (AZ-2001)

Discover our exclusive “Implement security through a pipeline using Azure DevOps (AZ-2001)” course, designed for professionals eager to master the implementation of secure Azure pipelines. This course covers essential skills such as secure access to resources, permission validation, project structuring, pipeline extension, and secure use of variables. By enrolling, you will take a crucial step towards acquiring intermediate IT skills, indispensable in the fields of development, infrastructure, and security.

Our hands-on program will enable you to effectively configure and secure pipelines via Azure DevOps, this course : Implement security through a pipeline using Azure DevOps prepare you to manage identities across various projects, pipelines, and agents. Join us to elevate your IT skills and secure your professional future.

Participant profiles

  • Professionals looking to certify a specific skill.
  • Current and future Azure DevOps engineers specializing in CI/CD pipelines.

Objectives

  • Acquire basic knowledge to progress towards intermediate IT skills.
  • Put into practice securing project configurations and repositories.
  • Become competent in managing identities within projects, pipelines, and agents.
  • Experiment with securing access to pipeline resources.
  • Understand and apply the configuration and validation of permissions.
  • Discover how to enrich pipelines by integrating various models.

Prerequisites

  • Basic concepts of CI/CD tools in Azure DevOps, including Azure Pipelines.
  • Initial understanding of the Azure Portal for resource creation.
  • Basic knowledge in security, especially identities and permissions.
  • Experience using the Azure Portal to generate resources such as Azure Key Vault and configure permissions.

Course content

Module 1: Configure a project and repository structure to support secure pipelines

  • Organize project and repository structure
  • Configure secure projects and repositories

Module 2: Manage identity for projects, pipelines, and agents

  • Configure a Microsoft-hosted pool
  • Configure agents for projects
  • Configure agent identities
  • Configure the scope of a service connection
  • Understand and convert to a Managed Identity

Module 3: Configure secure access to pipeline resources

  • Configure agent pools
  • Use secret variables and variable groups
  • Understand secure files
  • Configure service connections
  • Manage environments
  • Secure repositories

Module 4: Configure and validate permissions

  • Configure and validate user permissions
  • Configure and validate pipeline permissions
  • Configure and validate approval and branch checks
  • Manage and audit permissions

Module 5: Extend a pipeline to use multiple templates

  • Create a nested template
  • Rewrite the main deployment pipeline
  • Configure the pipeline and the application to use tokenization
  • Remove plain text secrets
  • Restrict agent logging
  • Identify and conditionally remove script tasks

Module 6: Configure secure access to Azure Repos from pipelines

  • Configure pipeline access to packages
  • Configure pipeline access to credential secrets
  • Configure pipeline access to secrets for services
  • Use Azure Key Vault to secure secrets
  • Explore and secure log files

Module 7: Configure pipelines to securely use variables and parameters

  • Ensure parameter and variable types
  • Identify and restrict insecure use of parameters and variables
  • Move parameters into a YAML file
  • Limit queue time variables
  • Validate mandatory variables

Documentation

  • Digital course material included

Lab / Exercises

  • Configure a project and repository structure to support secure pipelines
  • Manage identity for projects, pipelines, and agents
  • Configure secure access to pipeline resources
  • Configure and validate permissions
  • Extend a pipeline to use multiple templates
  • Configure secure access to Azure Repos from pipelines
  • Configure pipelines to securely use variables and parameters

Complementary courses

Temptraining funding

ITTA is a partner of Temptraining, the continuing education fund for temporary workers. This training fund can subsidize continuing education for anyone who works for an employer subject to the Collective Work Agreement (CCT) Rental of services.

Additional information

Maximize Your Expertise with AZ 2001 Training: A Practical and Secure Approach

The AZ 2001 training commits to providing a robust project and repository structure, essential for setting up secure pipelines. We pride ourselves on organizing and configuring secure projects and repositories, ensuring optimized identity management for projects, pipelines, and agents. The training is designed to equip you with the skills necessary to configure a Microsoft-hosted pool, thus ensuring a seamless and secure integration into your projects.

Advanced Security and Identity Management

With security at the forefront, our program covers in-depth the configuration of agent identities and defining the scope of a service connection. You will also learn to convert and understand the importance of a Managed Identity, a major asset for securing access to pipeline resources.

Innovative Security Practices for Pipelines

Our module extends to the use of secret variables and variable groups to enhance security. You will discover how to configure secure files and establish reliable service connections. The management of environments and the securing of repositories are also addressed, with an emphasis on configuring and validating permissions for users and pipelines.

Extensions and Pipeline Template Management

A special section is dedicated to extending pipelines using multiple templates, including creating nested templates and rewriting the main deployment pipeline. You will learn to configure the pipeline and the application to use tokenization, eliminating plain text secrets and restricting agent logging.

Advanced Security and Integration with Azure Key Vault

We explore advanced techniques for securing access to Azure Repos from pipelines, managing access to packages, identification secrets, and service secrets. A particular focus is on the use of Azure Key Vault for secure secret management, crucial for protecting your most sensitive information.

Practice-Focused Educational Approach

Our AZ 2001 training stands out for its interactive pedagogical approach, combining 50% to 60% of practical lab sessions with virtual and in-person classroom teaching. We adopt problem-based learning (PBL) and competency-based learning (CBL) through Microsoft-certified trainers, preparing you for real-world challenges.

Prix de l'inscription
CHF 850.-
Inclus dans ce cours
  • Training provided by a domain expert
  • Digital documentation and support materials
  • Achievement badge

lun12Aoû09:00lun17:00VirtuelVirtual Etiquettes de sessionAZ-2001

lun12Aoû09:00lun17:00Lausanne, Avenue Mon repos 24, 1005 Lausanne Etiquettes de sessionAZ-2001

lun16Sep09:00lun17:00VirtuelVirtual Etiquettes de sessionAZ-2001

lun16Sep09:00lun17:00Genève, Route des Jeunes 33B, 1227 Carouge Etiquettes de sessionAZ-2001

lun21Oct09:00lun17:00VirtuelVirtual Etiquettes de sessionAZ-2001

lun21Oct09:00lun17:00Lausanne, Avenue Mon repos 24, 1005 Lausanne Etiquettes de sessionAZ-2001

lun25Nov09:00lun17:00VirtuelVirtual Etiquettes de sessionAZ-2001

lun25Nov09:00lun17:00Genève, Route des Jeunes 33B, 1227 Carouge Etiquettes de sessionAZ-2001

lun30Déc09:00lun17:00VirtuelVirtual Etiquettes de sessionAZ-2001

lun30Déc09:00lun17:00Lausanne, Avenue Mon repos 24, 1005 Lausanne Etiquettes de sessionAZ-2001

Horaires d’ouverture

Du lundi au vendredi, de 8:30 à 18:00.

Contactez-nous

Votre demande

Opening hours

Monday to Friday, from 8:30 am to 06:00 pm.

Contact us

Your request

X
X
X
X