Session

From Diagrams to Code: Automating Infrastructure Provisioning

Manual infrastructure provisioning can be challenging and error-prone, leading to potential security risks and increased complexity. Visualising and automating this process can improve threat modelling capabilities and streamline infrastructure management.

We will cover:

Challenges of manual infrastructure provisioning

Benefits of automating infrastructure provisioning

Using diagrams to visualise infrastructure and threat modelling with Microsoft Threat Modelling Tool

Technical details of (1) translating Visio diagrams into Terraform and Bicep, (2) Importing the diagrams into Microsoft Threat Modelling Tool and (3) AzureRM and AzureAD through IaC “gotchas”

Potential benefits, limitations, and trade-offs of this approach

Integrating with common DevOps tools and workflows

Results of the proof of concept through sample diagrams and generated code, along with lessons learned from the development process.

Attendees will learn about the benefits of automating infrastructure provisioning and how using diagrams to visualize infrastructure can improve threat modelling capabilities. They will also gain a technical understanding of how to translate Visio diagrams into Terraform and Bicep code, as well as insights into the limitations and trade-offs of this approach. Finally, attendees will see a showcase of results and lessons learned, as well as potential use cases and considerations for implementing this approach in their own organizations.

Products: Microsoft Visio, Microsoft Threat Modelling Tool, Azure DevOps, Bicep, Terraform, AzureRM, AzureAD

Jon Jarvis

Microsoft Security Solutions Architect @ Advania UK

Sittingbourne, United Kingdom

Actions

Please note that Sessionize is not responsible for the accuracy or validity of the data provided by speakers. If you suspect this profile to be fake or spam, please let us know.

Jump to top