Implementing Host Security
Configuring Container Security
The course is part of these learning paths
This course focuses on implementing security controls, maintaining the security posture of an Azure environment, and protecting data, applications, and networks, showing you how to configure security for your containers and virtual machines.
The content of this course is ideally suited to those looking to become certified Azure security engineers.
For any feedback, queries, or suggestions relating to this course, please contact us at firstname.lastname@example.org.
- Understand how to configure VM security including VM endpoints and system updates
- Configure baselines
- Understand key Azure networking components
- Configure AKS security
- Obtain a basic understanding of Azure Container Registry and how to create registries in Azure
- Manage vulnerabilities in Azure
This course is intended for people who want to become Microsoft certified Azure security engineers, or those who are tasked with implementing security controls, maintaining the security posture of an Azure environment, or protecting data, applications, and networks.
To get the most from this course, you should have a moderate understanding of Microsoft Azure and of basic security principles.
Welcome back. In this demonstration, I'm going to quickly show you how to create a container registry using the Azure portal. On the screen here you can see I'm logged in to my portal and I'm logged in as an Administrator. To create my container registry, what I'm going to do is click on Create a Resource here and then I'm going to browse to Containers here within the Azure marketplace.
Now within Containers here, I can select Container Registry. To create my Container Registry, I need to provide a unique registry name and when I say unique, I mean it needs to be unique across Azure because it's going to get an FQDN with the domain name here of Azure CR.IO. So what I'll do here is I'll call it my 9878 registry. This name that I give it can contain anywhere between five and 50 alphanumeric characters. And then what I do here is select the subscription I'm going to deploy to and then a resource group.
So I'll select one of my resource groups here and then of course as with any other Azure resource, I need to select the location. I'll leave it in East U.S. Now if we hover over the icon next to Admin User, we can see that if we enable this option, we can use the registry name as username and Admin User Access Key as the password to dock or log in for the container registry. I'm going to leave this disabled here and go with the standard SCU. We'll go ahead and click Create and what this will do is create my new container registry.
Now that my registry had been created, what I'll do here is browse out to the resource group that contains it and we'll open up our registry.
Introduction - Configuring Endpoint Security within VMs - Configuring and Monitoring Antimalmare for VMs - Configuring Virtual Machine Security - Hardening Virtual Machines - Configuring System Updates for Virtual Machines - Starting a Runbook from the Azure Portal - Configuring Baselines - Azure Networking - Configuring Authentication - Container Isolation - AKS Security - Azure Container Registry - Implementing Vulnerability Management - Conclusion
About the Author
Tom is a 25+ year veteran of the IT industry, having worked in environments as large as 40k seats and as small as 50 seats. Throughout the course of a long an interesting career, he has built an in-depth skillset that spans numerous IT disciplines. Tom has designed and architected small, large, and global IT solutions.
In addition to the Cloud Platform and Infrastructure MCSE certification, Tom also carries several other Microsoft certifications. His ability to see things from a strategic perspective allows Tom to architect solutions that closely align with business needs.
In his spare time, Tom enjoys camping, fishing, and playing poker.