Secure and Scalable Development with Microsoft 365 and Azure AD

Tech 3 (801A) November 3, 2021 2:00 pm - 2:40 pm Feedback     

Bookmark and Share

Peter Carson

In this talk we’ll focus on leveraging Azure AD in Platform as a Service projects. We’ll start with Logic Apps as a no-code Web API platform for implementing your privileged code in a zero-trust architecture. Azure AD provides secure authentication between low-trust client-side code and Logic Apps, and Logic Apps should use delegated or service principal identities for privileged actions. Next, we’ll apply the same service principal methodology in Azure Automation, a serverless place to run your PowerShell code. Lastly, we’ll start with the same approach, and present an enterprise architecture that combines delegated and application access to Microsoft 365 through an App Service model, including auto-scale of the App Service that also addresses Microsoft 365 throttling constraints. The plan is to release a pair of whitepapers leading up to the conference. The first will be the Logic App and Azure Automation authentication and service principal work. The second will be the Enterprise architecture utilizing Azure App Services, auto-scale, and a pool of Application Objects to address security and scalability.