Are you sure you've locked down your cloud workloads? You have RBAC to ensure developers cannot deploy directly to production. Have you configured RBAC for your repos and pipelines as well? But many still forget about Pull Requests. In this video, you will learn how Pull Requests work under the hood and we will walk through some pipelines. After this you'll never leave that security back door open again!
Pipeline Walkthrough Repo
https://github.com/azure/devops-governance
00:00 Intro
00:38 Whiteboard - Cloud Security and Pull Requests
03:43 Whiteboard - How Pull Requests work?
08:52 Walkthrough - Example Pipelines
09:24 ProTip - Use Multiple Pipelines
10:17 Walkthrough - ci.yaml
11:16 Walkthrough - detect-drift.yaml
16:33 Walkthrough - cd.yaml
18:20 Summary
