Azure Insights: Service Bus encryption; Container Registry; Container image scans; Linux CentOS
Microsoft Azure pros share their thoughts on Service Bus encryption, Container Registry, container image scans and working with Linux CentOS.
Encrypting Azure Service Bus with user keys
On the Serverless360 Blog, Ranjith Eswaran described how to encrypt Azure Service Bus data both at rest and in-transit to safeguard sensitive information. For the most part, Microsoft data centers already encrypt data to safeguard it in storage. But on the customer's end, it's important to keep in mind that this data is only as secure as the keys kept in Identity Based Access Control, often with different keys depending on the number of partitions which the data is shared between. The Key Encryption Key feature in Key Vault helps to restrict access further.
According to Eswaran, a key hierarchy is used for encryption at rest, with the AES256 key typically used to encrypt a block of data or the contents of a partition. Some organizations conduct custom encryption for Service Bus messages, but this comes with the challenges of decrypting when the message is received. As an alternative, Azure's Bring Your Own Key can hasten decryption. For the time being, custom keys are only supported in Premium namespaces.
Understanding tokens and scope maps for Container Registry
FREE Membership Required to View Full Content:
Joining MSDynamicsWorld.com gives you free, unlimited access to news, analysis, white papers, case studies, product brochures, and more. You can also receive periodic email newsletters with the latest relevant articles and content updates.
Learn more about us here
or
login
FREE Membership Required to View Full Content:
Joining MSDynamicsWorld.com gives you free, unlimited access to news, analysis, white papers, case studies, product brochures, and more. You can also receive periodic email newsletters with the latest relevant articles and content updates.
Learn more about us here