Engineering environment, VS Code and Copilot
- VS Code for automation:
workspace, tasks, formatting, debugging
- Git basics, repository hygiene, PR
and code review
- GitHub Copilot responsibly: prompting, security guidelines,
acceptance criteria
- Lab: Repo initialization, scaffolding, linting &
tests
Automation strategy & tool map
- PowerShell vs Graph vs PnP vs
REST
- App registration & identity strategy
- Least privilege security
posture
- Lab: App registration & baseline permissions
PowerShell in
depth
- Modules: PnP.PowerShell, Microsoft.Graph, SPO Management Shell
-
Authentication: interactive, device code, certificate, managed identity
-
Lab: Unified connect wrapper & logging scaffolding
Microsoft Graph —
engineering basics
- Batching, delta, throttling control
- Error
classification and retry strategies
- Lab: Resilient ingest & Graph
paging
Staging environments: DEV, TEST, PROD
- Tenant/environment roles
and secure deployment of changes
- Comparing environments, sites, lists,
items; drift detection
- Baseline and diff automation
- Lab: Diff &
baseline report script
Migration composition
- Pre-migration checks and
planning
- Parallelization, wave planning, cutover tactics
- Large lists,
versions, throttling, search delays
- Lab: Wave plan & throttle-aware
execution
Provisioning automation patterns
- PnP provisioning vs
Orchestrary catalog (overview)
- Web requests and metadata capture
- Lab:
Dynamic PnP provisioning artifact
Orchestration integration & custom
scripts (simulation)
- Request center and workspace template lifecycle
-
Hooks: pre-provision, post-provision, compliance checks
- Integration with
PnP.PowerShell / Microsoft Graph
- Governance artifacts: owner attestation,
sensitivity, sprawl
- Lab: Script integration design (PnP
simulation)
Lifecycle & compliance enforcement
- Scripts for retention
and sensitivity
- Governance sharing and drift detection
- Lab: Compliance
drift report + remediation
Azure integration patterns
- Logic Apps vs
Functions vs Runbooks
- Event/webhook subscription, change notifications
-
Lab: Functions for change notifications (skeleton)
SIEM integration via Azure
Blob
- Logging strategy: schema, PII minimization, retention
- Pipeline:
app › Blob › Event Grid › Function › SIEM
- Cost and reliability (batching,
retry, dead-letter)
- KQL basics for validation and dashboards
- Lab:
Blueprint ingest and transform skeleton
Microsoft Clarity —
configuration
- Project setup: roles, retention, privacy
- Creation of
tracking code and governance
- Injection into SPO: SPFx App Customizer,
tenant-wide, opt-out strategy
- Compliance: consent/cookie banner, regional
data
- Lab: Rollout plan + App Customizer injection (simulation)
SPFx
basics & App Catalog
- Dev setup (Node LTS, Yeoman, gulp) and project
structure
- Generation of HelloWorld webpart and key files
- Build/package
.sppkg
- App Catalog (tenant vs site), upload, deploy, trust
- Adding
webpart to modern page; versioning & update
- Lab: HelloWorld deploy via
App Catalog
Security hardening & least privilege
- Minimizing scope,
Conditional Access impact
- Secret rotation & transition to cert-based
auth
- Lab: Hardening app registration & scope adjustment
Performance,
costs & capstone
- API efficiency (batching, selective projection)
-
Logging costs, asynchronous fan-out patterns
- Capstone
