| Service | Microsoft Docs article | Related commit history on GitHub | Change details |
|---|---|---|---|
| security | Best Practices And Patterns | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/security/fundamentals/best-practices-and-patterns.md | Title: Security best practices and patterns - Microsoft Azure | Microsoft Docs description: This article links you to security best practices and patterns for different Azure resources.-+ documentationcenter: na +ms.devlang: na na Previously updated : 08/29/2023 Last updated : 11/13/2023 # Azure security best practices and patterns -The articles below contain security best practices to use when you're designing, deploying, and managing your cloud solutions by using Azure. These best practices come from our experience with Azure security and the experiences of customers like you. +This article contains security best practices to use when you're designing, deploying, and managing your cloud solutions by using Azure. These best practices come from our experience with Azure security and the experiences of customers like you. -The best practices are intended to be a resource for IT pros. This might include designers, architects, developers, and testers who build and deploy secure Azure solutions. +## Best practices +These best practices are intended to be a resource for IT pros. This might include designers, architects, developers, and testers who build and deploy secure Azure solutions. ++* [Best practices for protecting secrets](secrets-best-practices.md) * [Azure database security best practices](/azure/azure-sql/database/security-best-practice) * [Azure data security and encryption best practices](data-encryption-best-practices.md) * [Azure identity management and access control security best practices](identity-management-best-practices.md) |
| security | Secrets Best Practices | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/security/fundamentals/secrets-best-practices.md | + + Title: Best practices for protecting secrets - Microsoft Azure | Microsoft Docs +description: This article links you to security best practices for protecting secrets. ++documentationcenter: na ++++ms.assetid: 1cbbf8dc-ea94-4a7e-8fa0-c2cb198956c5 ++++ na + Last updated : 11/09/2023++++# Best practices for protecting secrets +This article provides guidance on protecting secrets. Follow this guidance to help ensure you do not log sensitive information, such as credentials, into GitHub repositories or continuous integration/continuous deployment (CI/CD) pipelines. ++## Best practices ++These best practices are intended to be a resource for IT pros. This might include designers, architects, developers, and testers who build and deploy secure Azure solutions. ++- Azure Stack Hub: [Rotate secrets](/azure-stack/operator/azure-stack-rotate-secrets) +- Azure Key Vault: [Centralize storage of application secrets](../../key-vault/general/overview.md) +- Azure Communications Service: [Create and manage access tokens](../../communication-services/quickstarts/identity/access-tokens.md) +- Azure Service Bus: [Authenticate and authorize an application with Microsoft Entra ID to access Azure Service Bus entities](../../service-bus-messaging/authenticate-application.md) +- Azure App Service: [Learn to configure common settings for an App Service application](../../app-service/configure-common.md) ++## Next steps ++Minimizing security risk is a shared responsibility. You need to be proactive in taking steps to secure your workloads. [Learn more about shared responsibility in the cloud](shared-responsibility.md). ++See [Azure security best practices and patterns](best-practices-and-patterns.md) for more security best practices to use when you're designing, deploying, and managing your cloud solutions by using Azure. |