AZ-2001: Implement security through a pipeline using Azure DevOps

Course Description

Ensure secure CI/CD practices by learning to implement security through a pipeline using Azure DevOps. In this focused, one-day instructor-led course, DevOps engineers, administrators, and security professionals will build knowledge around securing Azure Pipelines from project structuring to identity, permissions, variable management, and template hygiene. Participants will learn to configure secure access, extend pipelines with templates, and enforce security best practices across Azure DevOps environments.

Target Audience

Ideal for:

• Azure DevOps Engineers, DevOps Professionals, Security Engineers, and Administrators

• Technical leaders looking to harden CI/CD pipelines in Azure DevOps

Prerequisites:

• Experience with Azure Pipelines, repos, and CI/CD tools

• Basic understanding of identities, permissions, and Azure Portal resources such as Key Vault 

Course Outline 

Module 1: Secure Project & Repository Structure

• Design project and repository topology to support pipeline security best practices

• Isolate secrets and code by structuring separate security repositories 

Module 2: Configure Secure Access to Pipeline Resources

• Secure agent pools, service connections, environments, and storage

• Manage secret variables, secure files, and Azure Key Vault integration 

Module 3: Manage Identity for Pipelines and Agents

• Implement identity management for Microsoft-hosted and self-hosted agents

• Configure service principal scopes and transition to managed identities 

Module 4: Configure and Validate Permissions

• Define and audit user roles, pipeline permissions, and approvals

• Enforce branch policies, security validations, and compliance checks 

Module 5: Extend Pipelines Using Secure Templates

• Break pipelines into reusable, nested YAML templates

• Avoid secrets in pipelines using tokenization and logging restrictions 

Module 6: Secure Variables and Parameters in Pipelines

• Enforce type safety for variables and parameters

• Secure parameterized pipelines and validate mandatory settings 

HandsOn Experience

Approximately 40–50% of the course is interactive—combining guided exercises, real-world demonstrations, and secure pipeline configuration labs. You’ll secure Azure DevOps pipelines from end to end while implementing security through a pipeline using Azure DevOps.

Skills You’ll Gain

By completing AZ2001, you will be able to:

• Design secure project and repository structures for pipelines

• Configure secure access to pipeline resources and secret management

• Manage identities for pipelines, agents, and service connections

• Define and validate pipeline-level permissions and security checks

• Modularize pipelines using secure, parameterized templates

• Enforce secure variable and parameter usage