Operational security: Keeping your secrets private
Henry Been is an independent DevOps and Azure architect from The Netherlands. He enjoys working with development teams to create and deliver great software. For him, this includes the full DevOps cycle, starting from discovering and planning new features and ending only when end-users are satisfied. Henry’s interests include the Azure cloud, DevOps, software architecture and the design and implementation of testable and maintainable software.
Next to his work, he is one of the Microsoft ALM DevOps Rangers, a group of 130 engineers worldwide who share professional guidance and create gap filling solutions surrounding VSTS and Azure.
About this session
Do you still store secrets in source control? Are your secrets safely stored, but are you struggling to distribute them to your applications? Do you feel this should be easy, but you can’t just find out how?
In this session, Henry will take you on a journey that starts with passwords in source control. From there he will quickly take you along on a series of improvements to make both local development and production deployments more and more secure with every change.
Along the way, you will learn how to use Azure Key Vault, Azure Active Directory (AAD) and App Service Managed Instance to get everyone on a need to know basis. Finally, you will see how forgetting about keys, certificates and passwords completely and just using AAD could solve all your problems. That is.., if everyone would just use AAD!