Sign up to save your podcasts
Or
Share Course 29 - AZ-500 Microsoft Azure Security Technologies | Episode 8: Governance and Container Security
Share to email
Share to Facebook
Share to X
Share to email
Share to Facebook
Share to X
Or
Course 29 - AZ-500 Microsoft Azure Security Technologies | Episode 8: Governance and Container Security
In this lesson, you’ll learn about Azure platform protection and governance strategies in Microsoft Azure:Azure Resource Manager (ARM)
You can listen and download our episodes for free on more than 10 different platforms:
https://linktr.ee/cybercode_academy
- Understanding Azure Resource Manager (ARM) as the control plane for Azure
- Managing all resources through a single, consistent API
- Ensuring standardized deployment, access, and configuration across environments
- Extending RBAC with custom roles:
- Defined using JSON
- Granting fine-grained permissions
- Example use case:
- Allow restarting a VM without permission to delete it
- Using Resource Locks to prevent accidental changes:
- Read Only → No modifications allowed
- Cannot Delete → Prevents deletion
- Applying locks across:
- Users
- Roles
- Subscriptions
- Using Azure Policy to enforce compliance
- Controlling resource properties instead of user actions
- Common policy use cases:
- Restricting deployments to approved regions
- Blocking risky configurations (e.g., public IPs on internal VMs)
- Enforcing organizational standards
- Securing Azure Kubernetes Service (AKS):
- Integrating with Azure AD for identity control
- Using pod identities for secure service access
- Applying network policies to control pod-to-pod traffic
- Strengthening container security:
- Enforcing least privilege
- Isolating workloads
- Managing secrets securely
- Scanning container images and running workloads for vulnerabilities
- Leveraging third-party tools such as:
- Aqua Security
- Twistlock
- Ensuring:
- Continuous monitoring
- Secure image pipelines
- Runtime protection
- Reinforcing knowledge with AZ-500 exam scenarios
- Key focus areas:
- Azure Update Management
- Docker Content Trust
- Governance vs access control differences
- ARM provides centralized and consistent resource management
- Governance is enforced through roles, locks, and policies
- Container and compute security require identity, isolation, and monitoring
- Platform protection depends on combining control, visibility, and enforcement
You can listen and download our episodes for free on more than 10 different platforms:
https://linktr.ee/cybercode_academy
View all episodes
By CyberCode AcademyIn this lesson, you’ll learn about Azure platform protection and governance strategies in Microsoft Azure:Azure Resource Manager (ARM)
You can listen and download our episodes for free on more than 10 different platforms:
https://linktr.ee/cybercode_academy
- Understanding Azure Resource Manager (ARM) as the control plane for Azure
- Managing all resources through a single, consistent API
- Ensuring standardized deployment, access, and configuration across environments
- Extending RBAC with custom roles:
- Defined using JSON
- Granting fine-grained permissions
- Example use case:
- Allow restarting a VM without permission to delete it
- Using Resource Locks to prevent accidental changes:
- Read Only → No modifications allowed
- Cannot Delete → Prevents deletion
- Applying locks across:
- Users
- Roles
- Subscriptions
- Using Azure Policy to enforce compliance
- Controlling resource properties instead of user actions
- Common policy use cases:
- Restricting deployments to approved regions
- Blocking risky configurations (e.g., public IPs on internal VMs)
- Enforcing organizational standards
- Securing Azure Kubernetes Service (AKS):
- Integrating with Azure AD for identity control
- Using pod identities for secure service access
- Applying network policies to control pod-to-pod traffic
- Strengthening container security:
- Enforcing least privilege
- Isolating workloads
- Managing secrets securely
- Scanning container images and running workloads for vulnerabilities
- Leveraging third-party tools such as:
- Aqua Security
- Twistlock
- Ensuring:
- Continuous monitoring
- Secure image pipelines
- Runtime protection
- Reinforcing knowledge with AZ-500 exam scenarios
- Key focus areas:
- Azure Update Management
- Docker Content Trust
- Governance vs access control differences
- ARM provides centralized and consistent resource management
- Governance is enforced through roles, locks, and policies
- Container and compute security require identity, isolation, and monitoring
- Platform protection depends on combining control, visibility, and enforcement
You can listen and download our episodes for free on more than 10 different platforms:
https://linktr.ee/cybercode_academy