Configure platform-level security for Azure SQL

Module
7 Units

Intermediate

Security Engineer

Azure

Azure SQL Database

Azure SQL Managed Instance

Configure authentication, network isolation, encryption, and access controls for Azure SQL Database and SQL Managed Instance. Implement Microsoft Entra ID–only authentication with managed identity access for AI workloads, deploy private endpoints, and apply transparent data encryption, dynamic data masking, and row-level security to protect sensitive financial data.

Learning objectives

After completing this module, you'll be able to:

Configure Microsoft Entra ID authentication and disable SQL authentication on Azure SQL
Implement network isolation for Azure SQL using private endpoints and firewall rules
Enable transparent data encryption and configure customer-managed keys for regulated workloads
Apply dynamic data masking and row-level security to restrict access to sensitive data

Prerequisites

Familiarity with Microsoft Entra ID and Azure role-based access control (RBAC)
Understanding of Azure networking concepts including virtual networks, subnets, and private endpoints
Familiarity with Azure Key Vault at a conceptual level

Get started with Azure

Choose the Azure account that's right for you. Pay as you go or try Azure free for up to 30 days. Sign up.

Introduction min
Configure authentication and managed identity access min
Implement network isolation min
Encrypt and protect data in transit and at rest min
Apply data masking and row-level security min
Knowledge check min
Summary min

Start