Upgrade to Pro
— share decks privately, control downloads, hide ads and more …
Speaker Deck
Features
Speaker Deck
PRO
Sign in
Sign up for free
Search
Search
Cosmos DB Security
Search
Muhammad Sajid
June 17, 2020
Technology
0
57
Cosmos DB Security
Muhammad Sajid
June 17, 2020
Tweet
Share
More Decks by Muhammad Sajid
See All by Muhammad Sajid
When Stateful Serverless met Planet-scale Event-sourcing
msajid
0
150
Azure App configuration
msajid
2
860
Other Decks in Technology
See All in Technology
20260204_Midosuji_Tech
takuyay0ne
0
120
AWS Network Firewall Proxyを触ってみた
nagisa53
0
140
Frontier Agents (Kiro autonomous agent / AWS Security Agent / AWS DevOps Agent) の紹介
msysh
3
150
プロポーザルに込める段取り八分
shoheimitani
1
170
Kiro IDEのドキュメントを全部読んだので地味だけどちょっと嬉しい機能を紹介する
khmoryz
0
160
AIと新時代を切り拓く。これからのSREとメルカリIBISの挑戦
0gm
0
780
Embedded SREの終わりを設計する 「なんとなく」から計画的な自立支援へ
sansantech
PRO
3
2.2k
15 years with Rails and DDD (AI Edition)
andrzejkrzywda
0
180
仕様書駆動AI開発の実践: Issue→Skill→PRテンプレで 再現性を作る
knishioka
2
590
Introduction to Sansan, inc / Sansan Global Development Center, Inc.
sansan33
PRO
0
3k
GSIが複数キー対応したことで、俺達はいったい何が嬉しいのか?
smt7174
3
140
2026年、サーバーレスの現在地 -「制約と戦う技術」から「当たり前の実行基盤」へ- /serverless2026
slsops
2
210
Featured
See All Featured
Java REST API Framework Comparison - PWX 2021
mraible
34
9.1k
What the history of the web can teach us about the future of AI
inesmontani
PRO
1
430
Applied NLP in the Age of Generative AI
inesmontani
PRO
4
2k
Building Better People: How to give real-time feedback that sticks.
wjessup
370
20k
Dealing with People You Can't Stand - Big Design 2015
cassininazir
367
27k
Heart Work Chapter 1 - Part 1
lfama
PRO
5
35k
AI Search: Where Are We & What Can We Do About It?
aleyda
0
6.9k
How People are Using Generative and Agentic AI to Supercharge Their Products, Projects, Services and Value Streams Today
helenjbeal
1
120
For a Future-Friendly Web
brad_frost
182
10k
Visualizing Your Data: Incorporating Mongo into Loggly Infrastructure
mongodb
49
9.8k
The Cult of Friendly URLs
andyhume
79
6.8k
16th Malabo Montpellier Forum Presentation
akademiya2063
PRO
0
47
Transcript
#StockholmAzure Meetup Sponsors
Hardening Cosmos DB Security and Machine Learning In Microsoft Eco-System
Muhammad Sajid Mohammed Osman
Vi samarbeta med restaurang K-märkt och "Mattillvården". För varje anmäld
deltagare lagar restaurang K-Märkt en härlig lunch/middagslåda och levererar den till Danderyds Sjukhus.
Muhammad Sajid Cloud Solutions Architect with a passion for designing
and developing cloud-native solutions. Interested in DDD, Distributed Event-Driven systems, BIG data, and IoT. @sajid_nazeer linkedin.com/in/musa
None
Hardening Cosmos DB Security
Azure Policy support for Azure Cosmos DB
Encryption at Rest (on by default) • Service managed Keys
◦ 1st layer of encryption • Customer managed Keys ◦ 2nd layer of encryption
None
Get, Wrap, Unwrap
None
None
IP filter
Minimum TLS version? And Weak ciphers
None
None
None
Network Isolation using Private link Private access to Azure PaaS
Services
None
Demo
Takeaways • Use Azure policies • Use customer managed keys
feature only when required • Use Private link feature to reduce the attack surface • Contact Microsoft for TLS version • Don’t settle for the right solutions . Find new ones, and keep learning.
Questions?
@sajid_nazeer linkedin.com/in/musa
msajid
takuyay0ne
nagisa53
msysh
shoheimitani
khmoryz
0gm
sansantech
andrzejkrzywda
knishioka
sansan33
smt7174
slsops
mraible
inesmontani
wjessup
cassininazir
lfama
aleyda
.png){kind=avatar}
helenjbeal
brad_frost
mongodb
andyhume
akademiya2063
