Diese Präsentation wurde erfolgreich gemeldet.
Die SlideShare-Präsentation wird heruntergeladen. ×

ADCD 2022 - Handling secrets in the release process with Azure DevOps and Azurereleaseprocess

Anzeige
Anzeige
Anzeige
Anzeige
Anzeige
Anzeige
Anzeige
Anzeige
Anzeige
Anzeige
Wird geladen in …3
×

Hier ansehen

1 von 72 Anzeige

ADCD 2022 - Handling secrets in the release process with Azure DevOps and Azurereleaseprocess

Herunterladen, um offline zu lesen

Deployment often requires a wide variety of confidential configuration entries such as database connection strings or client secrets. How are these kept secure and handed over to the application at deployment time? This session will show different ways of secret management and their management with Azure DevOps and other Azure services. In addition, topics such as password rotation or Azure-specific authentication using Managed Identities will be covered.

Deployment often requires a wide variety of confidential configuration entries such as database connection strings or client secrets. How are these kept secure and handed over to the application at deployment time? This session will show different ways of secret management and their management with Azure DevOps and other Azure services. In addition, topics such as password rotation or Azure-specific authentication using Managed Identities will be covered.

Anzeige
Anzeige

Weitere Verwandte Inhalte

Diashows für Sie (20)

Ähnlich wie ADCD 2022 - Handling secrets in the release process with Azure DevOps and Azurereleaseprocess (20)

Anzeige

Weitere von Marc Müller (20)

Anzeige

ADCD 2022 - Handling secrets in the release process with Azure DevOps and Azurereleaseprocess

  1. 1. Austrian Developer Community Day 25. Feb. 2022 www.cloudusergroup.at @cloudusergrpat #ADCD2022 Handling secrets in the release process with Azure DevOps and Azure Marc Müller Principal Consultant at 4tecture GmbH, Microsoft MVP marc.mueller@4tecture.ch, @muellermarc
  2. 2. Azure Pipelines Azure Artifacts Service Connection Environments Hosted / private Agent Container Jobs Pipeline Secrets Azure KeyVault Azure Repo App Code IaC Azure Resources Version / Branch Compile / Package Deploy Tasks Stages Variables / Secrets Pipeline Infrastructure Execution on target Approvals Checks Deployment Strategy Templates Tests / Test-Results
  3. 3. Azure Resource Group Resource Group WebApp SQL Storage Azure AD Azure DevOps Repo Pipeline Service Connection Agent Pool Pipelines Agent Agent KeyVault KeyVault Managed Identity Managed Identity KeyVault Secret Variables
  4. 4. Base Infrastructure CD Service CD Base Infrastructure Template Resource Template Resource Template Dev/Test Prod Service CI Build Stage PR Stage Testing PreProd Prod Compile Service DB Schema Compile System Tests Infrastructure Artifacts Pipeline Artifacts Task / Job Templates Task / Job Templates Resource Groups, vNets, VMs, Azure SQL, CosmosDB, … App Deployment, DB instance, DB Schema, Managed Identities, Storage, … Deplyoment Verification Secret Provider [Secret Variables, Variable Groups, KeyVault, Managed Identiy] Secret Provider [Secret Variables, Variable Groups, KeyVault, Managed Identiy]
  5. 5. ▪ ▪ ▪ ▪ ▪ ▪ ▪ ▪ ▪ ▪ ▪ ▪ ▪
  6. 6. Azure DevOps Variable Groups Pipeline Definition YAML File Pipeline Settings Secret Variable Service Connection Task Task Pipelines Agent Runtime Logging Secret Variable Key Vault Link Azure Key Vault Managed Identities Application AppSettings KeyVault Client Get Token by Managed Identity
  7. 7. ▪ ▪ ▪ ▪
  8. 8. Skip Screenshots
  9. 9. Skip Screenshots
  10. 10. ▪ ▪ ▪ ▪ ▪
  11. 11. ▪ ▪ ▪
  12. 12. Skip Screenshots
  13. 13. ▪ ▪ ▪ Source: https://docs.microsoft.com/en-us/azure/key-vault/general/overview
  14. 14. ▪ ▪ ▪ ▪ ▪ ▪ ▪ ▪ ▪ ▪ ▪ Source: https://docs.microsoft.com/en-us/azure/key-vault/general/overview
  15. 15. ▪ ▪ ▪ ▪ ▪ ▪
  16. 16. ▪ ▪ ▪ ▪ ▪ ▪
  17. 17. Skip Screenshots
  18. 18. ▪ ▪ ▪ ▪ ▪
  19. 19. ▪ ▪ ▪ ▪ ▪
  20. 20. Resource Pwd1 Pwd2 Application V1 Application V2
  21. 21. Resource Pwd1 Pwd2 Application V1 Pwd Config
  22. 22. Skip Screenshots
  23. 23. ▪ ▪ ▪ ▪ ▪ ▪ ▪ ▪ ▪ ▪ ▪
  24. 24. Source: https://docs.microsoft.com/en-us/azure/active-directory/managed-identities-azure-resources/overview Azure Resources ▪ Azure VMs ▪ Azure App Services ▪ Azure Functions ▪ Azure Container Instances ▪ Azure Kubernetes Service ▪ Azure Logic Apps ▪ Azure ▪ … Azure Service that support Azure AD Authentication ▪ Azure Key Vault ▪ Azure Storage ▪ Azure SQL ▪ Azure Cosmos DB ▪ Azure Machine Learning Service ▪ … access
  25. 25. Skip Screenshots
  26. 26. Austrian Developer Community Day 25. Feb. 2022 www.cloudusergroup.at @cloudusergrpat #ADCD2022 Thank you! Find my code and samples at https://github.com/marc-mueller/ADCD2022_Demo_SecretsInReleaseProcess Join the next session at the full hour!

×