Microsoft Azure supports Node.js for building and deploying cloud applications. This course explores security-oriented Azure services, including software containers, role-based access control, and more.
In this course, Microsoft Azure for Node.js Developers - Building Secure Services and Applications, you'll focus on security-oriented Azure features you'd consider in a Node.js application. First, you'll explore software containers with Docker as a way to develop and deploy applications in self-contained, standardized units. You'll then step into automation and resource management, using policies, locks, Role-based Access Control and Azure Resource Manager Templates. You'll then explore storing secrets in an Azure Key Vault, and finish with authentication and authorization using Azure Active Directory. When you're finished with this course, you'll have learned about multiple resources that will help you as you build secure Node applications deployed in Microsoft Azure. This course is adapted from "Microsoft Azure for .NET Developers - Building Secure Services and Applications" by Scott Allen.
Simon is a staff author at Pluralsight. With a 30-year background in programming and teaching, he obsesses on making complicated subjects accessible, memorable, and easier to learn. Since 2002, he's recorded dozens of popular and highly-rated training courses. His current focus is on iOS and computer science topics.
Course Overview Welcome. I'm Simon Allardice and in this course, we're diving into Microsoft Azure's security oriented features to consider when deploying a node. js application. We'll begin with software containers as a way to develop and deploy in self-contained, standardized units. We'll explore policies and role-based access, then cover automation and provisioning entire environments using Azure resource manager templates. We'll cover options for authentication and authorization for our applications and our APIs, using Azure Active Directory together with passport authentication middleware for Node. And use Azure Key Vault as a way to securely encrypt and store secrets, keys, and certificates. By the end of the course, you'll have an understanding of multiple techniques and approaches you can use to build your own secure systems. Let's get started.
Resource Management and Automation All along in this course and the previous we have been deploying applications into Azure, and even when those demo apps were small, we've used multiple individual Azure resources. First, make an app service, then add a storage account, and also a Cosmos DB, perhaps a Redis cache or a content delivery network or a virtual machine. And after this, perhaps a load balancer and a virtual network, but of course each of these resources also has multiple configuration steps. It's not just make an app service, but then set up auto scaling rules for it. Create deployment slots in it, define environment variables. Now we've worked on automating a few small pieces of this picture, mostly focusing on how we could push out code updates like having continuous build with Github or team services, or in the previous module using a container registry. But in this module, we're going to widen our perspective. We're going to work with automating entire deployments, defining our complete infrastructure and managing those details all at once as related pieces of one larger idea, and keeping this knowledge in Azure, not just in our heads. So we could save it, we could make changes to it, we could version it, even making it repeatable. So we could take this environment and then spin up a test deployment or one for QA, use it and then blow it away when we're done. And where we won't need to use the portal or the Azure CLI to create these resources and configure them one line after another, because Azure and the tools in Azure will help us automate the entire scenario. So that once it's defined I could deploy and copy and redeploy these environments at any time. And I don't just mean write a script to do that. We could, but there are better ways. We'll be using Azure resource manager or ARM. Now even if you might not be the person who will end up implementing and managing all of this in your organization, you'll find it a valuable exercise because as much as anything, it gets you thinking about the entire architecture. So let's start our journey of automation by learning what resource manager can do.
Working with Azure Key Vault This next module is all about secrets and using Azure to keep those secrets. We'll be working with Azure key vault, a built in resource for securely storing information, but a vault is only useful if there's good security around it. Along the way, we'll need to dig into the idea of principles and of using Azure Active Directory. Over the next few clips, we'll explore creating key vaults, configuring permissions to allow and restrict access to them and using node. js to authenticate and retrieve secrets from the vault.
Managing Identity In this final module we will look at securing our web applications, and we'll be using Azure Active Directory, or Azure AD as a way to provide identity as a service in the cloud, and by that phrase, identity as a service, I mean that we can focus on building our application features instead of implementing sign-up pages, and password reset pages, and encryption, and hashing algorithms, and multi-factor authentication. We just let Azure handle those features instead, but as we'll see, there's a variety of ways we can use Azure Active Directory depending on how much or how little you'd like it to do, but as this course is oriented around Node. js we'll be using Passport, popular authentication middleware, and there's no conflict here, Passport works extremely well with Azure Active Directory. So let's get started with an overview of Azure AD and see what it can do, and the things we need to think about.