Azure Security Tips for Demoware

By Aaron Ralls

Elevator Pitch

You’ve read a blog post or Microsoft documentation on how to run your project in Azure.

You are about to publish your application to the public. STOP!

In this demo, we review Azure Security tips for a typical web application that uses IaaS, PaaS, and FaaS [serverless] resources.

Description

Intro

As technologists, we often have to move fast and learn fast to get our jobs done. We search out content that gets us started. We confirm the basic functionality and look to move on to the next item. While blogs and Microsoft documentation are great, they are ultimately demoware. Demoware is not production-ready! In this talk, we cover how to improve the security of common Azure resources.

I will review a typical demoware website application that uses Azure SQL. I will show the components and functionality of the solution. Then I will secure the solution with an overview of the security recommendations.

Azure RBAC

  • How this impacts Azure Resource Group organization

Security for IaaS

  • Azure Virtual Machines
  • VNets
  • Azure Storage

Security for PaaS

  • Azure SQL
  • Azure Web Apps

Security for FaaS

  • Azure Functions
  • Azure Logic Apps

Notes

I have spent the last three years working with Azure as an Application or Cloud Architect. My recent focus has been on building long-term strategies on how to migrate existing applications to the cloud. In addition, I am a Microsoft Certified Azure Architect.

I started speaking in 2018 at local meetups (Fort Smith, AR; Little Rock, AR; Tulsa, OK) and presented at my first conference, Little Rock Tech Fest 2019.