Upgrade to Pro
— share decks privately, control downloads, hide ads and more …
Speaker Deck
Features
Speaker Deck
PRO
Sign in
Sign up for free
Search
Search
Cosmos DB Security
Search
Muhammad Sajid
June 17, 2020
Technology
0
54
Cosmos DB Security
Muhammad Sajid
June 17, 2020
Tweet
Share
More Decks by Muhammad Sajid
See All by Muhammad Sajid
When Stateful Serverless met Planet-scale Event-sourcing
msajid
0
140
Azure App configuration
msajid
2
840
Other Decks in Technology
See All in Technology
ClaudeCodeにキレない技術
gtnao
1
860
Data Engineering Study#30 LT資料
tetsuroito
1
150
推し書籍📚 / Books and a QA Engineer
ak1210
0
140
united airlines ™®️ USA Contact Numbers: Complete 2025 Support Guide
flyunitedhelp
1
470
ソフトウェアQAがハードウェアの人になったの
mineo_matsuya
3
200
名刺メーカーDevグループ 紹介資料
sansan33
PRO
0
820
IPA&AWSダブル全冠が明かす、人生を変えた勉強法のすべて
iwamot
PRO
2
230
【あのMCPって、どんな処理してるの?】 AWS CDKでの開発で便利なAWS MCP Servers特集
yoshimi0227
6
940
Talk to Someone At Delta Airlines™️ USA Contact Numbers
travelcarecenter
0
160
「現場で活躍するAIエージェント」を実現するチームと開発プロセス
tkikuchi1002
3
280
All About Sansan – for New Global Engineers
sansan33
PRO
1
1.2k
Introduction to Sansan for Engineers / エンジニア向け会社紹介
sansan33
PRO
5
39k
Featured
See All Featured
How to Create Impact in a Changing Tech Landscape [PerfNow 2023]
tammyeverts
53
2.9k
VelocityConf: Rendering Performance Case Studies
addyosmani
332
24k
Chrome DevTools: State of the Union 2024 - Debugging React & Beyond
addyosmani
7
750
Put a Button on it: Removing Barriers to Going Fast.
kastner
60
3.9k
Java REST API Framework Comparison - PWX 2021
mraible
31
8.7k
Helping Users Find Their Own Way: Creating Modern Search Experiences
danielanewman
29
2.7k
Making the Leap to Tech Lead
cromwellryan
134
9.4k
Adopting Sorbet at Scale
ufuk
77
9.5k
The Web Performance Landscape in 2024 [PerfNow 2024]
tammyeverts
8
700
Improving Core Web Vitals using Speculation Rules API
sergeychernyshev
18
990
It's Worth the Effort
3n
185
28k
Code Reviewing Like a Champion
maltzj
524
40k
Transcript
#StockholmAzure Meetup Sponsors
Hardening Cosmos DB Security and Machine Learning In Microsoft Eco-System
Muhammad Sajid Mohammed Osman
Vi samarbeta med restaurang K-märkt och "Mattillvården". För varje anmäld
deltagare lagar restaurang K-Märkt en härlig lunch/middagslåda och levererar den till Danderyds Sjukhus.
Muhammad Sajid Cloud Solutions Architect with a passion for designing
and developing cloud-native solutions. Interested in DDD, Distributed Event-Driven systems, BIG data, and IoT. @sajid_nazeer linkedin.com/in/musa
None
Hardening Cosmos DB Security
Azure Policy support for Azure Cosmos DB
Encryption at Rest (on by default) • Service managed Keys
◦ 1st layer of encryption • Customer managed Keys ◦ 2nd layer of encryption
None
Get, Wrap, Unwrap
None
None
IP filter
Minimum TLS version? And Weak ciphers
None
None
None
Network Isolation using Private link Private access to Azure PaaS
Services
None
Demo
Takeaways • Use Azure policies • Use customer managed keys
feature only when required • Use Private link feature to reduce the attack surface • Contact Microsoft for TLS version • Don’t settle for the right solutions . Find new ones, and keep learning.
Questions?
@sajid_nazeer linkedin.com/in/musa