Presentation is loading. Please wait.

Presentation is loading. Please wait.

Securely pass passwords into your deployment

Published byJohanne Johansen Modified over 5 years ago

Similar presentations

Presentation on theme: "Securely pass passwords into your deployment"— Presentation transcript:

1 Securely pass passwords into your deployment
12/29/2018 1:43 PM THR3069 Securely pass passwords into your deployment Emil Wasilewski Cloud Solution Architect Microsoft Azure MVP © Microsoft Corporation. All rights reserved. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

2 Agenda String vs SecureString Is SecureString is secure?
Demo Is SecureString is secure? Demo Azure Key Vault in Your deployment Demo

3 String vs SecureString
12/29/2018 1:43 PM String vs SecureString © Microsoft Corporation. All rights reserved. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

4 String vs SecureString
„Standard” parameters like: VM sizes VM names SQL DB SKUs And many many more Sensitive parameters like: Passwords SSH Keys Reference to Key Vault Other sensitive data

5 Demo Emil Wasilewski 12/29/2018 1:43 PM
© Microsoft Corporation. All rights reserved. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

6 String vs SecureString

7 String vs SecureString

8 Is SecureString… 12/29/2018 1:43 PM
© Microsoft Corporation. All rights reserved. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

9 is secure? Password: SecurePassword! 12/29/2018 1:43 PM
© Microsoft Corporation. All rights reserved. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

10 Demo Emil Wasilewski 12/29/2018 1:43 PM
© Microsoft Corporation. All rights reserved. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

11 Is SecureString is secure?

12 ARM Template {"$schema": " "contentVersion": "1.0.0.0",
12/29/2018 1:43 PM ARM Template {"$schema": " "contentVersion": " ", "parameters": { "password": { "type": "securestring"}}, "variables": {}, "resources": [], "outputs": { "type": "string", "value": "[parameters('password')]"}}} © Microsoft Corporation. All rights reserved. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

13 Is SecureString is secure?

14 Is SecureString is secure?

15 Azure Key Vault in Your deployment

16 Azure Key Vault in Your deployment
12/29/2018 1:43 PM Azure Key Vault in Your deployment Use it for sensitive parameters You can set it as: Static ID reference in Parameters file Dynamic ID reference via Nested template Linked variable during Release proces in VSTS © Microsoft Corporation. All rights reserved. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

17 Azure Key Vault in Your deployment - static
{"$schema":" "contentVersion": " ", "parameters": { "password": { "reference": { "keyVault": { "id": "/subscriptions/{SubID}/resourceGroups/{NameOfRG}/providers/Microsoft.KeyVault/vaults/IgniteProd"}, "secretName": "IgnitePassword"}}}}

18 Azure Key Vault in Your deployment - dynamic
"resources": [{ "name": "nestedTemplate", "type": "Microsoft.Resources/deployments", "properties": { "parameters": { "adminPassword": { "reference": { "keyVault": { "id": "[concat(resourceGroup().id,'/providers/Microsoft.KeyVault/vaults/', parameters('vaultName'))]"}, "secretName":"[parameters('secretName')]"}}}}}],

19 Demo Emil Wasilewski 12/29/2018 1:43 PM
© Microsoft Corporation. All rights reserved. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

20 Azure Key Vault in Your deployment - VSTS

21 Azure Key Vault in Your deployment - VSTS

22 Azure Key Vault in Your deployment - VSTS

23 Azure Key Vault in Your deployment - VSTS

24 Azure Key Vault in Your deployment - VSTS

25 Azure Key Vault in Your deployment - VSTS

26 “Use Azure Key Vault wherever possible to keep your passwords secure”

27 Emil Wasilewski @WasilewskiEmil

28 Please evaluate this session
Tech Ready 15 12/29/2018 Please evaluate this session From your Please expand notes window at bottom of slide and read. Then Delete this text box. PC or tablet: visit MyIgnite Phone: download and use the Microsoft Ignite mobile app Your input is important! © 2012 Microsoft Corporation. All rights reserved. Microsoft, Windows, Windows Vista and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries. The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

29 12/29/2018 1:43 PM © Microsoft Corporation. All rights reserved. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

Download ppt "Securely pass passwords into your deployment"

Similar presentations

MIX 09 4/15/2017 11:14 PM © 2009 Microsoft Corporation. All rights reserved. Microsoft, Windows, Windows Vista and other product names are or may be registered.

MIX 09 4/15/ :14 PM © 2009 Microsoft Corporation. All rights reserved. Microsoft, Windows, Windows Vista and other product names are or may be registered.
Session 1.

Session 1.
© 2012 Microsoft Corporation. All rights reserved. Microsoft, Windows, Windows Vista and other product names are or may be registered trademarks and/or.

© 2012 Microsoft Corporation. All rights reserved. Microsoft, Windows, Windows Vista and other product names are or may be registered trademarks and/or.
© 2009 Microsoft Corporation. All rights reserved. Microsoft, Windows, Windows Vista and other product names are or.

© 2009 Microsoft Corporation. All rights reserved. Microsoft, Windows, Windows Vista and other product names are or.

customer.

customer.
demo © 2008 Microsoft Corporation. All rights reserved. Microsoft, Windows, Windows Vista and other product names.

demo © 2008 Microsoft Corporation. All rights reserved. Microsoft, Windows, Windows Vista and other product names.
demo Demo.

demo Demo.
demo QueryForeign KeyInstance /sm:body()/x:Order/x:Delivery/y:TrackingId1Z01234567893.

demo QueryForeign KeyInstance /sm:body()/x:Order/x:Delivery/y:TrackingId1Z
© 2009 Microsoft Corporation. All rights reserved. Microsoft, Windows, Windows Vista and other product names are or may be registered trademarks.

© 2009 Microsoft Corporation. All rights reserved. Microsoft, Windows, Windows Vista and other product names are or may be registered trademarks.
© 2008 Microsoft Corporation. All rights reserved. Microsoft, Windows, Windows Vista and other product names are or.

© 2008 Microsoft Corporation. All rights reserved. Microsoft, Windows, Windows Vista and other product names are or.

Azure on Steroids: Full Automation with PowerShell

Azure on Steroids: Full Automation with PowerShell
6/5/2018 1:30 PM THR1029 Spend less time managing data and more time with customers: Quick tour of Outlook Customer Manager Welly Lee Welly.Lee@microsoft.com.

6/5/2018 1:30 PM THR1029 Spend less time managing data and more time with customers: Quick tour of Outlook Customer Manager Welly Lee
Azure Cloud Shell Magic of Modern Command-line Management

Azure Cloud Shell Magic of Modern Command-line Management
Azure SDKs and Tools for You

Azure SDKs and Tools for You
Optimizing Microsoft OneDrive for the enterprise

Optimizing Microsoft OneDrive for the enterprise
Performing a Seamless Migration in Azure SQL DB

Performing a Seamless Migration in Azure SQL DB
What a Real, Functioning DevOps Team Looks Like

What a Real, Functioning DevOps Team Looks Like
Virtual Machine Diagnostics in Microsoft Azure

Virtual Machine Diagnostics in Microsoft Azure

Similar presentations

Ads by Google