Containers are a great choice for running applications in Azure. Just like virtual machines, those containers must be locked to protect your data and business. Use the built-in Azure container tools to keep your container-based solutions secure.


A security engineer uses Azure Container Instances, the Container Registry, and access controls to protect your containers; you will work on such tasks as:

  • Deploy containers from the Container Registry into Azure Container Instances.
  • Use RBAC and Conditional Access to control access.
  • Use proper architecture, storage, and network design to optimize container security.

Skills measured

Securing the Azure platform your cloud solutions run on is a part of Exam AZ-500: Microsoft Azure Security Engineer.

Implement platform protection (15-20%)

  • Configure advanced security for compute
    • Configure authentication for Azure Container Registry
    • Configure security for different types of containers

Learning objectives

In this module, you will:

  • Define the available security tools for containers in Azure
  • Configure security settings for containers and Kubernetes services
  • Lock down the network, storage, and identity resources connected to your containers
  • Deploy RBAC to control access to containers