The document discusses Azure Key Vault and Azure App Configuration for securely storing secrets and managing application configurations. Key Vault allows storing and managing cryptographic keys, secrets and certificates. It provides security features like access control and hardware security modules. App Configuration enables centralized management of configuration settings as key-value pairs and feature flags to control features. Both services integrate with Azure and popular programming languages. The document provides an overview of their features and benefits.
Azure Meetup: Keep your secrets and configurations safe in azure!dotnetcode
Le nostre applicazioni hanno di tutto nei loro file di configurazione: stringhe di connessione, chiavi di accesso ai servizi e informazioni sensibili si trovano, in chiaro, scritti in file accessibili da chiunque. Ogni applicazione, inoltre, ha il suo file di configurazione dove vengono duplicate informazioni che sono sempre le stesse.Sarà il modo corretto di conservare i segreti?
Come faccio a sapere chi e quando accede alle informazioni sensibili e come posso centralizzare le configurazioni comuni?
Azure Key Vault e Azure App Configuration possono essere la soluzione ai nostri problemi. In questo meetup vedremo quali strumenti e funzionalità ci forniscono per mettere in sicurezza le informazioni sensibili di configurazione delle nostre applicazioni…..e non solo!!!
Use App Configuration to store all the settings for your application and secure their accesses in one place.
Centralize management and distribution of hierarchical configuration data for different environments and geographies
Dynamically change application settings without the need to redeploy or restart an application
At the core its a key-value store
Supports history
Great fit for Event-driven microservices architecture
Control feature availability in real-time
Cloud Native Implementation of the “External configuration store” pattern
https://www.meetup.com/Stockholm-Azure-Meetup/events/265524268/
Azure Arc offers simplified management, faster app development, and consistent Azure services. Easily organize, govern, and secure Windows, Linux, SQL Server, and Kubernetes clusters across data centers, the edge, and multicloud environments right from Azure. Architect, design, and build cloud-native apps anywhere without sacrificing central visibility and control. Get Azure innovation and cloud benefits by deploying consistent Azure data, application, and machine learning services on any infrastructure.
Gain central visibility, operations, and compliance
Centrally manage a wide range of resources including Windows and Linux servers, SQL server, Kubernetes clusters, and Azure services.
Establish central visibility in the Azure portal and enable multi-environment search with Azure Resource Graph.
Meet governance and compliance standards for apps, infrastructure, and data with Azure Policy.
Delegate access and manage security policies for resources using role-based access control (RBAC) and Azure Lighthouse.
Organize and inventory assets through a variety of Azure scopes, such as management groups, subscriptions, resource groups, and tags.
Learn more about hybrid and multicloud management in the Microsoft Cloud Adoption Framework for Azure.
Centralized Configuration Management for the Cloud with Azure App ConfigurationKasun Kodagoda
This presentation was conducted at Azure Squad September Meetup giving the audience exposure to the capabilities of Azure App Configuration and how to use it in ASP.Net Core applications
Azure Meetup: Keep your secrets and configurations safe in azure!dotnetcode
Le nostre applicazioni hanno di tutto nei loro file di configurazione: stringhe di connessione, chiavi di accesso ai servizi e informazioni sensibili si trovano, in chiaro, scritti in file accessibili da chiunque. Ogni applicazione, inoltre, ha il suo file di configurazione dove vengono duplicate informazioni che sono sempre le stesse.Sarà il modo corretto di conservare i segreti?
Come faccio a sapere chi e quando accede alle informazioni sensibili e come posso centralizzare le configurazioni comuni?
Azure Key Vault e Azure App Configuration possono essere la soluzione ai nostri problemi. In questo meetup vedremo quali strumenti e funzionalità ci forniscono per mettere in sicurezza le informazioni sensibili di configurazione delle nostre applicazioni…..e non solo!!!
Use App Configuration to store all the settings for your application and secure their accesses in one place.
Centralize management and distribution of hierarchical configuration data for different environments and geographies
Dynamically change application settings without the need to redeploy or restart an application
At the core its a key-value store
Supports history
Great fit for Event-driven microservices architecture
Control feature availability in real-time
Cloud Native Implementation of the “External configuration store” pattern
https://www.meetup.com/Stockholm-Azure-Meetup/events/265524268/
Azure Arc offers simplified management, faster app development, and consistent Azure services. Easily organize, govern, and secure Windows, Linux, SQL Server, and Kubernetes clusters across data centers, the edge, and multicloud environments right from Azure. Architect, design, and build cloud-native apps anywhere without sacrificing central visibility and control. Get Azure innovation and cloud benefits by deploying consistent Azure data, application, and machine learning services on any infrastructure.
Gain central visibility, operations, and compliance
Centrally manage a wide range of resources including Windows and Linux servers, SQL server, Kubernetes clusters, and Azure services.
Establish central visibility in the Azure portal and enable multi-environment search with Azure Resource Graph.
Meet governance and compliance standards for apps, infrastructure, and data with Azure Policy.
Delegate access and manage security policies for resources using role-based access control (RBAC) and Azure Lighthouse.
Organize and inventory assets through a variety of Azure scopes, such as management groups, subscriptions, resource groups, and tags.
Learn more about hybrid and multicloud management in the Microsoft Cloud Adoption Framework for Azure.
Centralized Configuration Management for the Cloud with Azure App ConfigurationKasun Kodagoda
This presentation was conducted at Azure Squad September Meetup giving the audience exposure to the capabilities of Azure App Configuration and how to use it in ASP.Net Core applications
1. Overview of DevOps
2. Infrastructure as Code (IaC) and Configuration as code
3. Identity and Security protection in CI CD environment
4. Monitor Health of the Infrastructure/Application
5. Open Source Software (OSS) and third-party tools, such as Chef, Puppet, Ansible, and Terraform to achieve DevOps.
6. Future of DevOps Application
A description of Azure Key Vault. Why do we need Azure Key Vault where does it fit in a solution. The details of storing keys, secrets and certificate inside of key vault. Using key vault for encryption and decryption of data
Azure Identity (AD,ADFS 2.0,AAD,ADB2C,OAuth,OpenID,PingID,AD Custom Policies) ,
Azure PaaS (Azure Functions, Serverless computing, Azure Comsos DB, Webhooks, API Apps, Logic Apps, Kudu, Azure Websites), Azure Functions, Lamda Function, Event Functions, Serverless architecture, Implementing azure functions on GIT HUB comment feature, Why Azure Functions, Azure Virtual Machines, Azure Cloud Services, Azure Web Apps & WebJobs, Service Fabric, Consumption Plans, Billing Model, Benefits of Azure Functions, What is serverless, Implementing bigger solutions into smaller azure functions, Microservices, Use cases, Function App, Implementation storing unstructured data using Azure functions into Cosmos DB, Cosmos DB, Custom Azure functions, Azure Cosmos DB, IOTS, Document DB, Doc DB, How to setup a Jenkins build server and automatically trigger code from Visual studio online,Azure App Service, App service Environment, Azure Stack, Managing Azure App services, Azure Powershell, Azure CLI, REST APIS, Azure Portal, Templates, Kudu Console access, Run GIT Commands on Kudu Console, Locking Azure Resources, Configuring Custom Domains, Adding Extensions to Azure Web App/Websites, App service Deployment options, Data Services in Azure , Azure SQL, Azure SQL server, Azure SQL database vs SQL server in a Azure VM, SQL Tiers, DTU, Data Transactional Unit, Planning & provisioning azure SQL databases,Migrating SQL Databases, Azure SQL Server, SQL server transactional replication, Deploy database to Microsoft Azure Database Wizard, DAC package, DAC, SQL compatibility issues, Migrating SQL with downtime, DMA, Data Migration Assistant, Database Snapshot, Migrating SQL without downtime, DTU, Data Transactional Unit, Recommendations for best performance during SQL Import Process, Transactional Replication, T-SQL, Task to implement what ever you learnt till now,
DevSum - Top Azure security fails and how to avoid themKarl Ots
As presented at the DevSum19 conference in Stockholm, Sweden.
Karl Ots has assessed the security of over 100 solutions built on the Microsoft Azure cloud. He has found that there are 6 key security pitfalls that are common across all industry verticals and company sizes. In this session, he will share what these security pitfalls are, why do they matter and how to mitigate them.
Discuss four pillars of azure architecture - Security, Performance & scalability, Availability & recoverability and Efficiency & Operation. Things you need to consider before architecting in the cloud. This presentation also provides a framework for architectural decisions
Feature Toggle for .Net Core Apps on Azure with Azure App Configuration Featu...Kasun Kodagoda
Use Microsoft.FeatureManagement library to add feature flags to your .Net Core applications and the use Azure App Configuration Feature Management capabilities to manage feature flags in a central location.
The AWS platform offers a rich set of capabilities that can be leveraged by the customer to better control applications state, configuration, and supporting infrastructure throughout the service lifecycle – all while operating with security best practices such as audit and accountability, access control, change review and governance, and systems integrity. We will showcase and discuss design patterns for using these capabilities in synergy with fast-paced and agile application development methodologies – such as DevOps – to achieve an integrated security operations program.
Techorama Belgium 2019: top Azure security fails and how to avoid themKarl Ots
Karl Ots has assessed the security of over 100 Azure solutions. He has found that there are 18 security pitfalls that are common across all industry verticals and company sizes. In this session, he will share what these security pitfalls are, why do they matter and how to mitigate them.
As presented by Karl Ots in Techorama Belgium 2019 conference in Antwerpen.
Azure Key Vault with a PaaS Architecture and ARM Template DeploymentRoy Kim
This is a presentation I held at a local Azure user group. The session abstract: Azure Key Vault is a tool for securely storing and accessing secrets. We will go through a popular Azure PaaS Architecture pattern using Key Vault to store a password. I will demo and walk through the general configuration of a dedicated Azure Function app, Azure SQL and Key Vault that was deployed with automation. I will then go through fairly advanced techniques and best practices on how to deploy Azure Key Vault and a password secret with ARM templates. Finally, a very brief look at my Azure DevOps Pipeline to deploy the ARM template. You will come away with an understanding of an applied use case of leveraging Azure Key vault for a PaaS solution in better managing a password secret.
The AWS platform offers a rich set of capabilities that can be leveraged by the customer to better control applications state, configuration, and supporting infrastructure throughout the service lifecycle – all while operating with security best practices such as audit and accountability, access control, change review and governance, and systems integrity. We will showcase and discuss design patterns for using these capabilities in synergy with fast-paced and agile application development methodologies – such as DevOps – to achieve an integrated security operations program.
Security in the cloud Workshop HSTC 2014Akash Mahajan
A broad overview of what it takes to be secure. This is more of an introduction where we introduce the basic terms around Cloud Computing and how do we go about securing our information assets(Data, Applications and Infrastructure)
The workshop was fun because all the slides were paired with real world examples of security breaches and attacks.
Azure SQL Database now has a Managed Instance, for near 100% compatibility for lifting-and-shifting applications running on Microsoft SQL Server to Azure. Contact me for more information.
Azure Arc is a solution that simplifies management across different hybrid clouds or multi-clouds. Azure Arc extends Azure management and security beyond the walls of Azure to other cloud platforms or on-premises environments enabling you to make use of Azure services to manage infrastructure at these environments. In this session, you will be introduced to Azure Arc, why should you use it and how to make use of it in different scenarios.
Hello everyone! I am thrilled to present my latest portfolio on LinkedIn, marking the culmination of my architectural journey thus far. Over the span of five years, I've been fortunate to acquire a wealth of knowledge under the guidance of esteemed professors and industry mentors. From rigorous academic pursuits to practical engagements, each experience has contributed to my growth and refinement as an architecture student. This portfolio not only showcases my projects but also underscores my attention to detail and to innovative architecture as a profession.
1. Overview of DevOps
2. Infrastructure as Code (IaC) and Configuration as code
3. Identity and Security protection in CI CD environment
4. Monitor Health of the Infrastructure/Application
5. Open Source Software (OSS) and third-party tools, such as Chef, Puppet, Ansible, and Terraform to achieve DevOps.
6. Future of DevOps Application
A description of Azure Key Vault. Why do we need Azure Key Vault where does it fit in a solution. The details of storing keys, secrets and certificate inside of key vault. Using key vault for encryption and decryption of data
Azure Identity (AD,ADFS 2.0,AAD,ADB2C,OAuth,OpenID,PingID,AD Custom Policies) ,
Azure PaaS (Azure Functions, Serverless computing, Azure Comsos DB, Webhooks, API Apps, Logic Apps, Kudu, Azure Websites), Azure Functions, Lamda Function, Event Functions, Serverless architecture, Implementing azure functions on GIT HUB comment feature, Why Azure Functions, Azure Virtual Machines, Azure Cloud Services, Azure Web Apps & WebJobs, Service Fabric, Consumption Plans, Billing Model, Benefits of Azure Functions, What is serverless, Implementing bigger solutions into smaller azure functions, Microservices, Use cases, Function App, Implementation storing unstructured data using Azure functions into Cosmos DB, Cosmos DB, Custom Azure functions, Azure Cosmos DB, IOTS, Document DB, Doc DB, How to setup a Jenkins build server and automatically trigger code from Visual studio online,Azure App Service, App service Environment, Azure Stack, Managing Azure App services, Azure Powershell, Azure CLI, REST APIS, Azure Portal, Templates, Kudu Console access, Run GIT Commands on Kudu Console, Locking Azure Resources, Configuring Custom Domains, Adding Extensions to Azure Web App/Websites, App service Deployment options, Data Services in Azure , Azure SQL, Azure SQL server, Azure SQL database vs SQL server in a Azure VM, SQL Tiers, DTU, Data Transactional Unit, Planning & provisioning azure SQL databases,Migrating SQL Databases, Azure SQL Server, SQL server transactional replication, Deploy database to Microsoft Azure Database Wizard, DAC package, DAC, SQL compatibility issues, Migrating SQL with downtime, DMA, Data Migration Assistant, Database Snapshot, Migrating SQL without downtime, DTU, Data Transactional Unit, Recommendations for best performance during SQL Import Process, Transactional Replication, T-SQL, Task to implement what ever you learnt till now,
DevSum - Top Azure security fails and how to avoid themKarl Ots
As presented at the DevSum19 conference in Stockholm, Sweden.
Karl Ots has assessed the security of over 100 solutions built on the Microsoft Azure cloud. He has found that there are 6 key security pitfalls that are common across all industry verticals and company sizes. In this session, he will share what these security pitfalls are, why do they matter and how to mitigate them.
Discuss four pillars of azure architecture - Security, Performance & scalability, Availability & recoverability and Efficiency & Operation. Things you need to consider before architecting in the cloud. This presentation also provides a framework for architectural decisions
Feature Toggle for .Net Core Apps on Azure with Azure App Configuration Featu...Kasun Kodagoda
Use Microsoft.FeatureManagement library to add feature flags to your .Net Core applications and the use Azure App Configuration Feature Management capabilities to manage feature flags in a central location.
The AWS platform offers a rich set of capabilities that can be leveraged by the customer to better control applications state, configuration, and supporting infrastructure throughout the service lifecycle – all while operating with security best practices such as audit and accountability, access control, change review and governance, and systems integrity. We will showcase and discuss design patterns for using these capabilities in synergy with fast-paced and agile application development methodologies – such as DevOps – to achieve an integrated security operations program.
Techorama Belgium 2019: top Azure security fails and how to avoid themKarl Ots
Karl Ots has assessed the security of over 100 Azure solutions. He has found that there are 18 security pitfalls that are common across all industry verticals and company sizes. In this session, he will share what these security pitfalls are, why do they matter and how to mitigate them.
As presented by Karl Ots in Techorama Belgium 2019 conference in Antwerpen.
Azure Key Vault with a PaaS Architecture and ARM Template DeploymentRoy Kim
This is a presentation I held at a local Azure user group. The session abstract: Azure Key Vault is a tool for securely storing and accessing secrets. We will go through a popular Azure PaaS Architecture pattern using Key Vault to store a password. I will demo and walk through the general configuration of a dedicated Azure Function app, Azure SQL and Key Vault that was deployed with automation. I will then go through fairly advanced techniques and best practices on how to deploy Azure Key Vault and a password secret with ARM templates. Finally, a very brief look at my Azure DevOps Pipeline to deploy the ARM template. You will come away with an understanding of an applied use case of leveraging Azure Key vault for a PaaS solution in better managing a password secret.
The AWS platform offers a rich set of capabilities that can be leveraged by the customer to better control applications state, configuration, and supporting infrastructure throughout the service lifecycle – all while operating with security best practices such as audit and accountability, access control, change review and governance, and systems integrity. We will showcase and discuss design patterns for using these capabilities in synergy with fast-paced and agile application development methodologies – such as DevOps – to achieve an integrated security operations program.
Security in the cloud Workshop HSTC 2014Akash Mahajan
A broad overview of what it takes to be secure. This is more of an introduction where we introduce the basic terms around Cloud Computing and how do we go about securing our information assets(Data, Applications and Infrastructure)
The workshop was fun because all the slides were paired with real world examples of security breaches and attacks.
Azure SQL Database now has a Managed Instance, for near 100% compatibility for lifting-and-shifting applications running on Microsoft SQL Server to Azure. Contact me for more information.
Azure Arc is a solution that simplifies management across different hybrid clouds or multi-clouds. Azure Arc extends Azure management and security beyond the walls of Azure to other cloud platforms or on-premises environments enabling you to make use of Azure services to manage infrastructure at these environments. In this session, you will be introduced to Azure Arc, why should you use it and how to make use of it in different scenarios.
Similar to Secretsth-Azure-KeyVault-and-Azure-App.pdf (20)
Hello everyone! I am thrilled to present my latest portfolio on LinkedIn, marking the culmination of my architectural journey thus far. Over the span of five years, I've been fortunate to acquire a wealth of knowledge under the guidance of esteemed professors and industry mentors. From rigorous academic pursuits to practical engagements, each experience has contributed to my growth and refinement as an architecture student. This portfolio not only showcases my projects but also underscores my attention to detail and to innovative architecture as a profession.
White wonder, Work developed by Eva TschoppMansi Shah
White Wonder by Eva Tschopp
A tale about our culture around the use of fertilizers and pesticides visiting small farms around Ahmedabad in Matar and Shilaj.
Dive into the innovative world of smart garages with our insightful presentation, "Exploring the Future of Smart Garages." This comprehensive guide covers the latest advancements in garage technology, including automated systems, smart security features, energy efficiency solutions, and seamless integration with smart home ecosystems. Learn how these technologies are transforming traditional garages into high-tech, efficient spaces that enhance convenience, safety, and sustainability.
Ideal for homeowners, tech enthusiasts, and industry professionals, this presentation provides valuable insights into the trends, benefits, and future developments in smart garage technology. Stay ahead of the curve with our expert analysis and practical tips on implementing smart garage solutions.
Between Filth and Fortune- Urban Cattle Foraging Realities by Devi S Nair, An...Mansi Shah
This study examines cattle rearing in urban and rural settings, focusing on milk production and consumption. By exploring a case in Ahmedabad, it highlights the challenges and processes in dairy farming across different environments, emphasising the need for sustainable practices and the essential role of milk in daily consumption.
Book Formatting: Quality Control Checks for DesignersConfidence Ago
This presentation was made to help designers who work in publishing houses or format books for printing ensure quality.
Quality control is vital to every industry. This is why every department in a company need create a method they use in ensuring quality. This, perhaps, will not only improve the quality of products and bring errors to the barest minimum, but take it to a near perfect finish.
It is beyond a moot point that a good book will somewhat be judged by its cover, but the content of the book remains king. No matter how beautiful the cover, if the quality of writing or presentation is off, that will be a reason for readers not to come back to the book or recommend it.
So, this presentation points designers to some important things that may be missed by an editor that they could eventually discover and call the attention of the editor.
2. 2
ARGOMENTO
Secrets safe and centralize with Azure
KeyVault and Azure App Configuration!
«My name is Bonanni,
Massimo Bonanni»
3.
4. Azure Key Vault is a
service that enables you to
store & manage
cryptographic keys and
secrets in one central
secure vault!!
5. The doubts of the Developers and IT Pros!!
I don't want the
responsibility or potential
liability for my customers'
tenant keys and secrets.
I want to write an
application for Azure that
uses keys for signing and
encryption. But I want
these keys to be external
from my application.
I want customers to own and
manage their keys so that I
can concentrate on doing
what I do best, which is
providing the core software
features.
I want to make sure that
my organization is in
control of the key
lifecycle and can monitor
key usage.
6. Azure KeyVault key features
Secrets
Management
Azure Key Vault can be
used to Securely store
and tightly control access
to tokens, passwords,
certificates, API keys, and
other secrets
Key Management
Azure Key Vault can also
be used as a Key
Management solution.
Azure Key Vault makes it
easy to create and
control the encryption
keys used to encrypt your
data.
Certificate
Management
Azure Key Vault lets you
easily provision, manage,
and deploy public and
private Transport Layer
Security/Secure Sockets
Layer (TLS/SSL)
certificates.
Store secrets
backed by
Hardware Security
Modules
The secrets and keys can
be protected either by
software or FIPS 140-2
Level 2 validated HSMs
7. Azure KeyVault actors
Vault Custodian
• Can create a key vault and
gain full access and control
over it.
• Can set up auditing to log
who accesses secrets and
keys.
• Can control the key
lifecycle. Can roll to a new
version of the key, back it
up, and do related tasks.
Vault Consumer
• A vault consumer can
perform actions on the
assets inside the key vault
when the vault owner
grants the consumer
access.
• The available actions
depend on the permissions
granted.
8. Access model overview
• The management plane is where you manage Key Vault itself
• Operations in this plane include creating and deleting key
vaults, retrieving Key Vault properties, and updating access
policies
• Uses Azure Active Directory (Azure AD) for authentication
• Uses role-based access control (RBAC) for authorization
Management
Plane
Interface
• The data plane is where you work with the data stored in a key
vault
• You can add, delete, and modify keys, secrets, and certificates
• Uses Azure Active Directory (Azure AD) for authentication
• Uses a Key Vault access policy for authorization
Data Plane
Interface
9. Hardware Security Module (HSM)
A hardware security module (HSM) is a physical computing device that
safeguards and manages digital keys for strong authentication and
provides cryptoprocessing.
A hardware security module contains one or more secure cryptoprocessor
chips.
HSM modules are typically certified to internationally recognized
standards such as Common Criteria or FIPS 140.
10. Platform Integration
Azure Disk Encryption
Trasparent Data Encryptionin Azure SQL Database
Azure App Service
Storage Account
ARM Template
Azure DevOps pipelines
…
11. How much?
Two different plans: Standard and
Premium
Operations against all keys, secrets,
and certificates are billed at a flat rate
of €0.026 per 10,000 operations
Renewals of certificates: €2.530 per
renewal request.
Software-Protected Keys:
•RSA 2048-bit keys, €0.026/10,000 transactions
•RSA 3072-bit, RSA 4096-bit, and Elliptic-Curve
Cryptography (ECC) keys, €0.127/10,000
transactions
HSM-protected keys (only premium)
•RSA 2048-bit keys €0.844 per key per
month + €0.026/10,000 transactions
15. Why use Azure Key Vault?
Centralize application secrets
Securely store secrets and keys
Monitor access and use
Simplified administration of application secrets
Integrate with other Azure services
17. App Configuration Key features
• Stores configuration data as key-value pairs
Key-Value
store
• Maintains a record of changes made to key-value pairs
• You can reconstruct the history of any key-value within the previous
seven days
Point-in-time
snapshot
• Decouples feature release from code deployment
• Enables quick changes to feature availability on demand
• AKA ”feature flags”
Feature
management
• Encrypt using customer-managed keys
• Using private endpoints
• Integrate with Azure Managed Identity and Azure KeyVault
Security
18. App Configuration benefits
A fully managed
service that can be
set up in minutes
Flexible key
representations
and mappings
Tagging with labels
Point-in-time
replay of settings
Dedicated UI for
feature flag
management
Comparison of two
sets of
configurations on
custom-defined
dimensions
Enhanced security
through Azure-
managed identities
Encryption of
sensitive
information at rest
and in transit
Native integration
with popular
frameworks
19. Feature Management
Feature management is a modern software-development
practice that decouples feature release from code
deployment and enables quick changes to feature availability
on demand.
It uses a technique called feature flags (also known
as feature toggles, feature switches, and so on) to
dynamically activate/disactivate a feature.
21. Feature Management – Basic Concepts
A feature flag is a variable with a binary state of on or off. The feature flag also
has an associated code block.
The feature flag's state triggers whether the code block runs.
Feature
flag
A feature manager is an application package that handles the life cycle of all the
feature flags in an application.
The feature manager also provides additional functionality, including caching
feature flags and updating their states.
Feature
manager
A filter is a rule for evaluating the state of a feature flag.
Potential filters include user groups, device or browser types, geographic
locations, and time windows.
Filter
22. Point-in-time snapshot
Azure App Configuration keeps records of the precise times when a new
key-value pair is created and then modified.
These records form a complete timeline in key-value changes.
An App Configuration store can reconstruct the history of any key value
and replay its past value at any given moment, up to the present.
With this feature, you can “time-travel” backward and retrieve an old
key value.
23. Resiliency and disaster recovery
Azure App Configuration is a regional service.
To realize cross-region redundancy, you need to create
multiple App Configuration stores in different regions.
Your application loads its configuration from both the primary and secondary stores.
You can use the Export function in App Configuration to copy data from the primary store to the
secondary on demand
26. Why use App Configuration?
Centralize management and distribution of hierarchical
configuration data for different environments and geographies
Dynamically change application settings without the need to
redeploy or restart an application
Control feature availability in real-time
Enhanced security through Azure-managed identities
Encryption of sensitive information at rest and in transit
Native integration with popular frameworks
27. “
Companies spend millions of dollars on
firewalls and secure access devices,
and it's money wasted because none
of these measures address the
weakest link in the security chain:
the people who use, administer and
operate computer systems!
Kevin Mitnick
28. Thanks for your
attention!!!!!
Massimo Bonanni
Azure Technical Trainer @ Microsoft
massimo.bonanni@microsoft.com
@massimobonanni
Connect with me on LinkedIn
linkedin.com/in/massimobonanni