Upgrade to Pro
— share decks privately, control downloads, hide ads and more …
Speaker Deck
Features
Speaker Deck
PRO
Sign in
Sign up for free
Search
Search
Cosmos DB Security
Search
Sponsored
·
Ship Features Fearlessly
Turn features on and off without deploys. Used by thousands of Ruby developers.
→
Muhammad Sajid
June 17, 2020
Technology
58
0
Share
Cosmos DB Security
Muhammad Sajid
June 17, 2020
More Decks by Muhammad Sajid
See All by Muhammad Sajid
When Stateful Serverless met Planet-scale Event-sourcing
msajid
0
150
Azure App configuration
msajid
2
870
Other Decks in Technology
See All in Technology
Zephyr(RTOS)でOpenPLCを実装してみた
iotengineer22
0
180
JEDAI認定プログラム JEDAI Order 2026 受賞者一覧 / JEDAI Order 2026 Winners
databricksjapan
0
460
PostgreSQL 18のNOT ENFORCEDな制約とDEFERRABLEの関係
yahonda
1
190
スクラムを支える内部品質の話
iij_pr
0
160
OCI技術資料 : 証明書サービス概要
ocise
1
7.2k
Physical AI on AWS リファレンスアーキテクチャ / Physical AI on AWS Reference Architecture
aws_shota
1
280
来期の評価で変えようと思っていること 〜AI時代に変わること・変わらないこと〜
estie
0
130
開発チームとQAエンジニアの新しい協業モデル -年末調整開発チームで実践する【QAリード施策】-
kaomi_wombat
0
290
15年メンテしてきたdotfilesから開発トレンドを振り返る 2011 - 2026
giginet
PRO
2
260
How to install a gem
indirect
0
2k
第26回FA設備技術勉強会 - Claude/Claude_codeでデータ分析 -
happysamurai294
0
320
BFCacheを活用して無限スクロールのUX を改善した話
apple_yagi
0
140
Featured
See All Featured
Practical Orchestrator
shlominoach
191
11k
Thoughts on Productivity
jonyablonski
76
5.1k
GraphQLの誤解/rethinking-graphql
sonatard
75
12k
Efficient Content Optimization with Google Search Console & Apps Script
katarinadahlin
PRO
1
450
Optimising Largest Contentful Paint
csswizardry
37
3.6k
How to Ace a Technical Interview
jacobian
281
24k
The Art of Delivering Value - GDevCon NA Keynote
reverentgeek
16
1.9k
Discover your Explorer Soul
emna__ayadi
2
1.1k
Organizational Design Perspectives: An Ontology of Organizational Design Elements
kimpetersen
PRO
1
660
Context Engineering - Making Every Token Count
addyosmani
9
790
We Are The Robots
honzajavorek
0
210
What does AI have to do with Human Rights?
axbom
PRO
1
2.1k
Transcript
#StockholmAzure Meetup Sponsors
Hardening Cosmos DB Security and Machine Learning In Microsoft Eco-System
Muhammad Sajid Mohammed Osman
Vi samarbeta med restaurang K-märkt och "Mattillvården". För varje anmäld
deltagare lagar restaurang K-Märkt en härlig lunch/middagslåda och levererar den till Danderyds Sjukhus.
Muhammad Sajid Cloud Solutions Architect with a passion for designing
and developing cloud-native solutions. Interested in DDD, Distributed Event-Driven systems, BIG data, and IoT. @sajid_nazeer linkedin.com/in/musa
None
Hardening Cosmos DB Security
Azure Policy support for Azure Cosmos DB
Encryption at Rest (on by default) • Service managed Keys
◦ 1st layer of encryption • Customer managed Keys ◦ 2nd layer of encryption
None
Get, Wrap, Unwrap
None
None
IP filter
Minimum TLS version? And Weak ciphers
None
None
None
Network Isolation using Private link Private access to Azure PaaS
Services
None
Demo
Takeaways • Use Azure policies • Use customer managed keys
feature only when required • Use Private link feature to reduce the attack surface • Contact Microsoft for TLS version • Don’t settle for the right solutions . Find new ones, and keep learning.
Questions?
@sajid_nazeer linkedin.com/in/musa
msajid
iotengineer22
databricksjapan
yahonda
iij_pr
ocise
aws_shota
estie
kaomi_wombat
giginet
indirect
happysamurai294
apple_yagi
shlominoach
jonyablonski
sonatard
katarinadahlin
csswizardry
jacobian
reverentgeek
emna__ayadi
kimpetersen
addyosmani
honzajavorek
axbom
