Upgrade to Pro
— share decks privately, control downloads, hide ads and more …
Speaker Deck
Features
Speaker Deck
PRO
Sign in
Sign up for free
Search
Search
Cosmos DB Security
Search
Muhammad Sajid
June 17, 2020
Technology
0
49
Cosmos DB Security
Muhammad Sajid
June 17, 2020
Tweet
Share
More Decks by Muhammad Sajid
See All by Muhammad Sajid
When Stateful Serverless met Planet-scale Event-sourcing
msajid
0
140
Azure App configuration
msajid
2
750
Other Decks in Technology
See All in Technology
ここがすごいよ! AWS Systems Manager!
saichan11
0
1.8k
地理情報とAPIのトレンド
nagix
0
160
Amazon FSx for NetApp ONTAPのパフォーマンスチューニング要素をまとめてみた #cm_odyssey #devio2024
non97
0
220
可視化プラットフォームGrafanaの基本と活用方法の全て
hamadakoji
0
230
AWSサービスメニュー開発をしていてAWSを好きだ!と感じた瞬間
toru_kubota
0
130
サービスの持続的な成長と技術負債について
siva_official
PRO
10
4.4k
コミュニティサービスに「あなたへ」フィードを リリースするまでの試行錯誤
takapy
1
150
20240725 LLMによるDXのビジョンと、今何からやるべきか @Azure OpenAI Service Dev Day
nrryuya
3
1.2k
フルリモートワークはエンジニアの夢を叶えたか? #cm_odyssey
mamohacy
2
600
ソフトウェアエンジニアリングの知見を活かして データ基盤をいい感じにする on Snowflake [MIERUNE BBQ #10]
mtpooh
2
150
CTOから見た事業開発とプロダクト開発 / My Perspective on Business and Product Development as CTO
keisuke69
4
960
GoとアクターモデルでES+CQRSを実践! / proto_actor_es_cqrs
ytake
1
150
Featured
See All Featured
How GitHub (no longer) Works
holman
305
140k
[Rails World 2023 - Day 1 Closing Keynote] - The Magic of Rails
eileencodes
17
1.5k
Building an army of robots
kneath
301
42k
Product Roadmaps are Hard
iamctodd
PRO
48
10k
Gamification - CAS2011
davidbonilla
78
4.9k
Ruby is Unlike a Banana
tanoku
96
10k
WebSockets: Embracing the real-time Web
robhawkes
59
7.2k
Exploring the Power of Turbo Streams & Action Cable | RailsConf2023
kevinliebholz
12
3.8k
ReactJS: Keep Simple. Everything can be a component!
pedronauck
662
120k
RailsConf & Balkan Ruby 2019: The Past, Present, and Future of Rails at GitHub
eileencodes
129
32k
Building a Scalable Design System with Sketch
lauravandoore
458
32k
How to Ace a Technical Interview
jacobian
274
23k
Transcript
#StockholmAzure Meetup Sponsors
Hardening Cosmos DB Security and Machine Learning In Microsoft Eco-System
Muhammad Sajid Mohammed Osman
Vi samarbeta med restaurang K-märkt och "Mattillvården". För varje anmäld
deltagare lagar restaurang K-Märkt en härlig lunch/middagslåda och levererar den till Danderyds Sjukhus.
Muhammad Sajid Cloud Solutions Architect with a passion for designing
and developing cloud-native solutions. Interested in DDD, Distributed Event-Driven systems, BIG data, and IoT. @sajid_nazeer linkedin.com/in/musa
None
Hardening Cosmos DB Security
Azure Policy support for Azure Cosmos DB
Encryption at Rest (on by default) • Service managed Keys
◦ 1st layer of encryption • Customer managed Keys ◦ 2nd layer of encryption
None
Get, Wrap, Unwrap
None
None
IP filter
Minimum TLS version? And Weak ciphers
None
None
None
Network Isolation using Private link Private access to Azure PaaS
Services
None
Demo
Takeaways • Use Azure policies • Use customer managed keys
feature only when required • Use Private link feature to reduce the attack surface • Contact Microsoft for TLS version • Don’t settle for the right solutions . Find new ones, and keep learning.
Questions?
@sajid_nazeer linkedin.com/in/musa