
AADOps: Deploying and Managing Conditional Access at Scale - Thomas Naunheim

Hosted by: Has and James A.

Details

Conditional Access is an essential component of "Azure Active Directory" and assumes the role of the "Zero Trust Policy Engine" in Microsoft 365 environments.

Therefore, configuration management of the policies has become a critical task for Identity Administrators and Security Operations.

The Microsoft Graph API offers programmatic access to Conditional Access, which is the foundation for configuring policies "as code".

In this session we will do a walkthrough of automation solutions to manage deployment and operations of Conditional Access at scale across the DevOps lifecycle.
During the hands-on demos we will discuss my PoC project "AADOps", which shows the capabilities in automation and lifecycle management by using Azure DevOps (Repos and CI/CD pipelines), PowerShell and Microsoft Graph.

  1. Overview of Microsoft Graph & Conditional Access
     • Existing automation and workflow solutions
     • Considerations of "Policies as Code"
  2. Introduction of "AADOps" project
     • Advantages of "IdentityOps" approach
     • Security Design and RBAC of Azure DevOps project
  3. Coding & deployment of policies
     • Plan and code policies in "Azure Repos"
     • Defined policy templates and variables
     • Governance by automated validation and approval workflow
     • Pull/Push Pipeline to manage desired state
     • Safe rollout of policies across intra- and inter-tenant stages
  4. Operationalization of policies in Azure AD management
     • Operational Insights and Exclusion Management
     • Security Monitoring of Policy management

About our Speaker:
Thomas Naunheim is a Cloud Architect from Germany with focus on identity and security solutions in Microsoft Azure.
He is involved in projects to design and implement cloud identity solutions in enterprise environments.

You will find him blogging at "cloud-architekt.net" and speaking at community events.
He is also a member of the "Azure Meetup Bonn" organization team and co-host of the "Cloud Inspires" podcast.
Since 2020 he has been awarded as Microsoft MVP for Azure.

LinkedIn: https://linkedin.com/in/thomasnaunheim
Twitter: https://twitter.com/thomas_live

Melbourne Azure Nights