Introduction
The microservices nature of cloud-native apps means that sensitive information can be distributed into multiple logs and telemetry locations. The distributed nature makes it difficult to ensure that sensitive data isn't leaked.
While testing your company's cloud-native app, you realize that sensitive user data is showing up in some of your logs and telemetry. Your manager asked you if there's an easy way to redact this information automatically.
In this module, you'll learn how to classify an app's data types. With this information, you'll use the compliance features of .NET to redact sensitive data from logs and telemetry. You'll also learn how to create compliance reports you can use for security audits.
Prerequisites
- Conceptual knowledge of containers and Docker.
- Familiarity with developing applications in C# and .NET.
- Access to a GitHub account.
- Ability to run development containers in Visual Studio Code or GitHub Codespaces, set up as described in the following section.
Development container
This module includes configuration files that define a development container, or dev container. Using a dev container ensures a standardized environment that's preconfigured with the required tools.
The dev container can run in either of two environments. Before you begin, follow the steps in one of the following links to set up your environment, including installing Docker and the necessary Visual Studio Code extensions.