{"id":62379,"date":"2021-09-21T07:35:32","date_gmt":"2021-09-21T15:35:32","guid":{"rendered":"https:\/\/devblogs.microsoft.com\/devops\/?p=62379"},"modified":"2021-09-16T07:40:08","modified_gmt":"2021-09-16T15:40:08","slug":"azurefunbytes-episode-56-secretless-applications-with-christosmatskas","status":"publish","type":"post","link":"https:\/\/devblogs.microsoft.com\/devops\/azurefunbytes-episode-56-secretless-applications-with-christosmatskas\/","title":{"rendered":"AzureFunBytes Episode 56 &#8211; Secretless Applications with @ChristosMatskas"},"content":{"rendered":"<p>AzureFunBytes is a weekly opportunity to learn more about the fundamentals and foundations that make up Azure. It&#8217;s a chance for me to understand more about what people across the Azure organization do and how they do it. Every week we get together at 11 AM Pacific on <a href=\"https:\/\/cda.ms\/226\">Microsoft LearnTV<\/a> and learn more about Azure.<\/p>\n<p><img decoding=\"async\" src=\"https:\/\/res.cloudinary.com\/practicaldev\/image\/fetch\/s--Z7BxBMz1--\/c_limit%2Cf_auto%2Cfl_progressive%2Cq_66%2Cw_880\/https:\/\/dev-to-uploads.s3.amazonaws.com\/uploads\/articles\/j2xzw2g664tj31jij13t.gif\" alt=\"AzureFunBytes animation\" \/><\/p>\n<p>Secretless application development strives to solve some important problems, like preventing your credentials from being leaked. If you are seeing connection strings, usernames or passwords in log files, you&#8217;re adding to your risk profile. So rather than transmit clear text credentials to log into a database for your application, you can use <a href=\"https:\/\/cda.ms\/2z6\">Azure Managed Identity<\/a> which is a service account managed by the <a href=\"https:\/\/cda.ms\/2z7\">Azure Active Directory<\/a>.<\/p>\n<p>This week on the show I&#8217;ve once again reached out to Microsoft Senior Program Manager <a href=\"https:\/\/twitter.com\/christosmatskas\">Christos Matskas<\/a> for some help learning more about implementing a Secretless strategy in developing applications. After reading this incredible blog titled &#8220;<a href=\"https:\/\/cda.ms\/2z2\">Secretless Azure Functions dev with the new Azure Identity Libraries<\/a>&#8221; I knew he was the right person for the job.<\/p>\n<p><em>Christos Matskas is a software developer, dad, blogger, husband, speaker, and all-around geek. He currently works as a Program Manager for Microsoft Identity helping developers and teams leverage the power of the identity and cloud. Before joining Microsoft, he was a successful entrepreneur collaborating with companies such as MarkIT, Lockheed Martin and Barclays. He&#8217;s been building software for over 16 years and he&#8217;s a passionate Open Source advocate. He contributes regularly to numerous OSS projects and works closely with the developer community to make the space bigger and better.<\/em><\/p>\n<p><iframe title=\"AzureFunBytes Episode 56 - Secretless Applications with @ChristosMatskas\" width=\"500\" height=\"281\" src=\"https:\/\/www.youtube.com\/embed\/pOSPrsCGf1M?feature=oembed\" frameborder=\"0\" allow=\"accelerometer; autoplay; clipboard-write; encrypted-media; gyroscope; picture-in-picture; web-share\" referrerpolicy=\"strict-origin-when-cross-origin\" allowfullscreen><\/iframe><\/p>\n<p><a href=\"https:\/\/www.youtube.com\/watch?v=Bo1NtzjRV2k\">00:00:00 &#8211; Open<\/a><br>\n<a href=\"https:\/\/youtu.be\/Bo1NtzjRV2k?t=212\">00:03:32 &#8211; Intro to show<\/a><br>\n<a href=\"https:\/\/youtu.be\/Bo1NtzjRV2k?t=280\">00:04:40 &#8211; Welcome Back Christos<\/a><br>\n<a href=\"https:\/\/youtu.be\/Bo1NtzjRV2k?t=412\">00:06:54 &#8211; Zero Trust principles<\/a><br>\n<a href=\"https:\/\/youtu.be\/Bo1NtzjRV2k?t=937\">00:15:37 &#8211;  Defining &#8220;Secretless&#8221;<\/a><br>\n<a href=\"https:\/\/youtu.be\/Bo1NtzjRV2k?t=1731\">00:28:51 &#8211; Secretless with .NET<\/a> <br>\n<a href=\"https:\/\/youtu.be\/Bo1NtzjRV2k?t=2538\">00:42:18 &#8211; Can we use this approach with any language?<\/a><br>\n<a href=\"https:\/\/youtu.be\/Bo1NtzjRV2k?t=2764\">00:46:04 &#8211; Secretless with NodeJS<\/a><br>\n<a href=\"https:\/\/youtu.be\/Bo1NtzjRV2k?t=3268\">00:54:28 &#8211; What are you most excited about in the identity space?<\/a><\/p>\n<p>Here&#8217;s our agenda:\n&#8211; What do we mean by Secretless?\n&#8211; Why it&#8217;s important to eliminate secrets from our application and deployment code\n&#8211; How can we achieve &#8216;secretless state&#8217; with Azure?\n&#8211; Demos<\/p>\n<p>So check out this great opportunity to learn how to improve your application&#8217;s security posture.<\/p>\n<hr \/>\n<p>Learn about Azure fundamentals with me!<\/p>\n<p>Live stream is normally found on Twitch, YouTube, and <a href=\"https:\/\/cda.ms\/226\">LearnTV<\/a> at 11 AM PT \/ 2 PM ET Thursday. You can also find the recordings here as well:<\/p>\n<p><a href=\"https:\/\/twitch.tv\/azurefunbytes\">AzureFunBytes on Twitch<\/a><br>\n<a href=\"https:\/\/aka.ms\/jaygordononyoutube\">AzureFunBytes on YouTube<\/a><br>\n<a href=\"https:\/\/www.youtube.com\/channel\/UC-ikyViYMM69joIAv7dlMsA\">Azure DevOps YouTube Channel<\/a><br>\n<a href=\"https:\/\/twitter.com\/azurefunbytes\">Follow AzureFunBytes on Twitter<\/a><\/p>\n<p>Useful Docs:<\/p>\n<p><a href=\"https:\/\/cda.ms\/219\">Get $200 in free Azure Credit<\/a><br>\n<a href=\"https:\/\/cda.ms\/243\">Microsoft Learn: Introduction to Azure fundamentals<\/a><br>\n<a href=\"https:\/\/cda.ms\/2zR\">Manage security operations in Azure<\/a><br>\n<a href=\"https:\/\/cda.ms\/2z2\">DevBlogs: Secretless Azure Functions dev with the new Azure Identity Libraries<\/a><br>\n<a href=\"https:\/\/cda.ms\/2z4\">What are managed identities for Azure resources?<\/a><br>\n<a href=\"https:\/\/cda.ms\/2z7\">What is Azure Active Directory?<\/a><br>\n<a href=\"https:\/\/cda.ms\/2z6\">Azure AD-managed identities for Azure resources documentation<\/a><br>\n<a href=\"https:\/\/cda.ms\/2zQ\">Embrace proactive security with Zero Trust<\/a><br>\n<a href=\"https:\/\/www.youtube.com\/watch?v=TFBj8OHkewE\">Secretless Apps with the Microsoft Identity Platform<\/a><br>\n<a href=\"https:\/\/cda.ms\/2z3\">Introduction to Azure Functions<\/a><br>\n<a href=\"https:\/\/aka.ms\/425Show\/blog\">The 425 Show Blog<\/a><br>\n<a href=\"https:\/\/aka.ms\/425Show\">The 425 Show Twitch<\/a><br>\n<a href=\"https:\/\/aka.ms\/425Show\/web\">The 425 Show Website<\/a><br>\n<a href=\"https:\/\/www.tiktok.com\/@christosmatskas?\">Christos on TikTok<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>Secretless application development strives to solve some important problems, like preventing your credentials from being leaked. If you are seeing connection strings, usernames or passwords in log files, you&#8217;re adding to your risk profile. <\/p>\n","protected":false},"author":39313,"featured_media":62380,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"footnotes":""},"categories":[224,251],"tags":[],"class_list":["post-62379","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-azure","category-security"],"acf":[],"blog_post_summary":"<p>Secretless application development strives to solve some important problems, like preventing your credentials from being leaked. If you are seeing connection strings, usernames or passwords in log files, you&#8217;re adding to your risk profile. <\/p>\n","_links":{"self":[{"href":"https:\/\/devblogs.microsoft.com\/devops\/wp-json\/wp\/v2\/posts\/62379","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/devblogs.microsoft.com\/devops\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/devblogs.microsoft.com\/devops\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/devblogs.microsoft.com\/devops\/wp-json\/wp\/v2\/users\/39313"}],"replies":[{"embeddable":true,"href":"https:\/\/devblogs.microsoft.com\/devops\/wp-json\/wp\/v2\/comments?post=62379"}],"version-history":[{"count":0,"href":"https:\/\/devblogs.microsoft.com\/devops\/wp-json\/wp\/v2\/posts\/62379\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/devblogs.microsoft.com\/devops\/wp-json\/wp\/v2\/media\/62380"}],"wp:attachment":[{"href":"https:\/\/devblogs.microsoft.com\/devops\/wp-json\/wp\/v2\/media?parent=62379"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/devblogs.microsoft.com\/devops\/wp-json\/wp\/v2\/categories?post=62379"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/devblogs.microsoft.com\/devops\/wp-json\/wp\/v2\/tags?post=62379"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}