Secure your applications with Azure AD and Key Vault
•Télécharger en tant que PPTX, PDF•
0 j'aime•445 vues
Developers like the productivity of the Azure Platform, and now with Azure KeyVault and AAD we can easily secure secrets like DocumentDB, Media Services or Azure Batch keys in Azure KeyVault and apply granular policies to define who can access the secrets. In this session we will see how to adopt a secure approach to manage application secrets by using Azure KeyVault, Azure Active Directory and Principals based on Certificates.
Recommandé
Contenu connexe
Tendances
Tendances (20)
Similaire à Secure your applications with Azure AD and Key Vault
Similaire à Secure your applications with Azure AD and Key Vault (20)
Plus de Davide Benvegnù
Plus de Davide Benvegnù (20)
Dernier
Dernier (20)
Secure your applications with Azure AD and Key Vault
- 1. Disrupt or be disrupted by AI.
- 8. Identity as the core of enterprise mobility Azure Active Directory as the control plane Single sign-onSelf-service Simple connection On-premises Other directories Windows Server Active Directory SaaSAzure Public cloud CloudMicrosoft Azure Active Directory Customers Partners
- 9. Orchestrate the lifecycle of identities and access with: Apps in Azure Third- party apps & clouds Apps on- premises
- 11. Limitation
- 15. An Azure resource provider that lets you SECRETS KEYS CERTIFICATES Backed by Hardware Security Modules Key Vault ≠ customer’s dedicated HSM
- 19. Subscription Resource GroupResource GroupResource Group Key VaultVMVMVM Storage accountStorage accountStorage account Key VaultKey Vault... Secret KeySecretSecret KeyKey Key VersionSecret VersionSecret VersionSecret Version Key VersionKey Version
- 20. Authentication is via Azure AD tokens Authorization is via ACL on key vault
Notes de l'éditeur
- This slide is required. Do NOT delete. This should be the first slide after your Title Slide. If you have questions, please contact your Track PM for guidance. We have also posted guidance on writing good objectives, out on the Speaker Portal (https://www.microsoftready.com). This slide should introduce the session by identifying how this information helps the attendee, partners and customers be more successful. Why is this content important? This slide should call out what’s important about the session (sort of the why should we care, why is this important and how will it help our customers/partners be successful) as well as the key takeaways/objectives associated with the session. Call out what attendees will be able to execute on using the information gained in this session. What will they be able to walk away from this session and execute on with their customers. Good Objectives should be SMART (specific, measurable, achievable, realistic, time-bound). Focus on the key takeaways and why this information is important to the attendee, our partners and our customers. Each session has objectives defined and published on www.microsoftready.com, please work with your Track PM to call these out here in the slide deck. If you have questions, please contact your Track PM.
- Microsoft has a solution for this [Click] Traditional identity and access management solutions providing sing-sign on to on-premises applications and directory services such as Active Directory and others are used from the vast majority of organizations and huge investments were made to deploy and maintain them. These solutions are perfect for the on-premises world. [Click] Now, as we have discussed, there are new pressing requirements to provide the same experience to cloud applications hosted in any public cloud. [Click] Azure Active Directory can be the solution to this new challenge by extending the reach of on-premises identities to the cloud in a secure and efficient way. [Click] In order to do that, one simple connection is needed from on-premises directories to Azure AD. [Click] and everything else will be handled by Azure AD. Secure single sign-on to thousands of SaaS applications hosted in any cloud by using the same credentials that exist on-premises [Click] And we don’t forget the users. Azure AD provides Self-service capabilities and easy access to all the application, consumer or business, they need. in the cloud but on-premises too (Application Proxy)