Secure Secrets, Certificate, and Access Management for Azure
In this Microsoft Ignite 2025 session, Arsh Ballagan demonstrates practical techniques for managing secrets, certificates, and privileged access across Azure infrastructure, emphasizing secure authentication and DevOps integrations.
Speaker: Arsh Ballagan (Microsoft Ignite 2025 Session ODSP1517)
Effective management of secrets, credentials, and certificates is vital for secure cloud engineering. This session highlights approaches to managing these sensitive assets on Azure, leveraging Infisical’s platform to provide enhanced security without added complexity.
Key Topics Covered
- Types of Projects: Handling secrets, certificates, and privileged access for various project scenarios.
- Secret Storage and Retrieval:
  - Using stored secrets within Azure infrastructure
  - Runtime retrieval of secrets via Azure or OIDC (OpenID Connect) authentication
- Synchronizing Secrets:
  - Configuring initial synchronization behaviors for secrets deployment
- Integrations:
  - Pull-based integrations using Azure DevOps identities for automated access
- Advanced Access Controls:
  - Applying granular permissions, including IP restriction policies, to manage sensitive operations
- Certificate Management:
  - Managing ADCS (Active Directory Certificate Services) certificates for authentication and encryption needs
Demo Platform: Infisical
Infisical is an all-in-one solution designed to centralize and streamline secret and certificate management. Key features covered include:
- Unified interface to manage secrets and certificates
- Simplified integration with Azure services and DevOps workflows
- Secure, policy-driven access controls for team and workload separation
Best Practices Shared
- Centralized Secret Storage: Reduce configuration sprawl and risk by adopting a centralized secrets platform that integrates natively with Azure.
- Automated Secret Rotation: Implement automated processes to ensure credentials and certificates are always up to date and securely handled.
- Least Privilege Access: Apply granular access controls, such as IP-based restrictions and role-driven policies.
- Audit and Monitor: Regularly review secret usage and access logs to identify potential threats and compliance gaps.
Learn More
For additional sessions and resources from Microsoft Ignite, visit https://ignite.microsoft.com.
Tags: Azure Authentication, Secret Management, ADCS Certificate Management, Azure DevOps, Infrastructure Security, OIDC Authentication, Granular Permissions, IP Restrictions, Credential Management, Microsoft Ignite, Infisical Platform, Cloud Security