Merge pull request #53686 from ceperezb/CEPEREZB-sc100-design-identity-solutions

Ceperezb sc100 design identity solutions

Author: v-regandowner

learn-pr/wwl-sci/design-solutions-identity-access-management/1-introduction.yml

@@ -4,10 +4,10 @@ title: Introduction
 metadata:
   title: Introduction
   description: "Introduction to designing identity and access management solutions for security architects."
-  ms.date: 02/07/2026
+  ms.date: 03/03/2026
   author: ceperezb
   ms.author: ceperezb
   ms.topic: unit
-durationInMinutes: 2
+durationInMinutes: 3
 content: |
   [!include[](includes/1-introduction.md)]

learn-pr/wwl-sci/design-solutions-identity-access-management/2-design-cloud-hybrid-multi-cloud-access-strategies.yml

@@ -4,7 +4,7 @@ title: Design a solution for access to SaaS, PaaS, IaaS, hybrid, and multicloud
 metadata:
   title: Design a solution for access to SaaS, PaaS, IaaS, hybrid, and multicloud resources
   description: "Design access strategies for SaaS, PaaS, IaaS, hybrid, and multicloud resources using identity, networking, and application controls."
-  ms.date: 02/07/2026
+  ms.date: 03/03/2026
   author: ceperezb
   ms.author: ceperezb
   ms.topic: unit

learn-pr/wwl-sci/design-solutions-identity-access-management/2a-design-solution-entra-hybrid-multicloud.yml

@@ -4,7 +4,7 @@ title: Design a solution for Microsoft Entra ID, including hybrid and multicloud
 metadata:
   title: Design a solution for Microsoft Entra ID, including hybrid and multicloud environments
   description: "Design a Microsoft Entra ID solution for hybrid and multicloud environments, including directory synchronization, authentication methods, and multicloud federation."
-  ms.date: 02/07/2026
+  ms.date: 03/03/2026
   author: ceperezb
   ms.author: ceperezb
   ms.topic: unit

learn-pr/wwl-sci/design-solutions-identity-access-management/3-design-solution-external-identities.yml

@@ -4,7 +4,7 @@ title: Design a solution for external identities
 metadata:
   title: Design a solution for external identities
   description: "Design B2B collaboration, customer identity, and decentralized identity solutions using Microsoft Entra External ID."
-  ms.date: 01/30/2026
+  ms.date: 03/03/2026
   author: ceperezb
   ms.author: ceperezb
   ms.topic: unit

learn-pr/wwl-sci/design-solutions-identity-access-management/4-design-modern-authentication-authorization-strategies.yml

@@ -4,10 +4,10 @@ title: Design modern authentication and authorization strategies
 metadata:
   title: Design modern authentication and authorization strategies
   description: "Design authentication strategies using Conditional Access, CAE, Identity Protection, and protected actions."
-  ms.date: 01/30/2026
+  ms.date: 03/03/2026
   author: ceperezb
   ms.author: ceperezb
   ms.topic: unit
-durationInMinutes: 8
+durationInMinutes: 12
 content: |
   [!include[](includes/4-design-modern-authentication-authorization-strategies.md)]

learn-pr/wwl-sci/design-solutions-identity-access-management/4a-conditional-access-agent-id.yml

@@ -0,0 +1,14 @@
+### YamlMime:ModuleUnit
+uid: learn.wwl.design-solutions-identity-access-management.conditional-access-agent-id
+title: Design Conditional Access policies for AI agents
+metadata:
+  title: Design Conditional Access policies for AI agents
+  description: "Design Conditional Access policies for AI agent identities using Microsoft Entra Agent ID, including agent architecture, policy configuration, risk-based controls, and investigation techniques."
+  ms.date: 03/03/2026
+  author: ceperezb
+  ms.author: ceperezb
+  ms.topic: unit
+  ai-usage: ai-generated
+durationInMinutes: 9
+content: |
+  [!include[](includes/4a-conditional-access-agent-id.md)]

learn-pr/wwl-sci/design-solutions-identity-access-management/5-align-conditional-access-zero-trust.yml

@@ -4,10 +4,10 @@ title: Validate alignment of Conditional Access policies with a Zero Trust strat
 metadata:
   title: Validate alignment of Conditional Access policies with a Zero Trust strategy
   description: "Validate that Conditional Access policies enforce Zero Trust principles of explicit verification, least privilege, and assume breach."
-  ms.date: 01/30/2026
+  ms.date: 03/03/2026
   author: ceperezb
   ms.author: ceperezb
   ms.topic: unit
-durationInMinutes: 7
+durationInMinutes: 13
 content: |
   [!include[](includes/5-align-conditional-access-zero-trust.md)]

learn-pr/wwl-sci/design-solutions-identity-access-management/6-specify-requirements-secure-active-directory-domain-services.yml

@@ -4,10 +4,10 @@ title: Specify requirements for securing Active Directory Domain Services
 metadata:
   title: Specify requirements for securing Active Directory Domain Services
   description: "Provide guidance for hardening AD DS through attack surface reduction, administrative tiering, and monitoring."
-  ms.date: 01/30/2026
+  ms.date: 03/03/2026
   author: ceperezb
   ms.author: ceperezb
   ms.topic: unit
-durationInMinutes: 7
+durationInMinutes: 12
 content: |
   [!include[](includes/6-specify-requirements-secure-active-directory-domain-services.md)]

learn-pr/wwl-sci/design-solutions-identity-access-management/7-design-solution-manage-secrets-keys-certificates.yml

@@ -4,10 +4,10 @@ title: Design a solution to manage secrets, keys, and certificates
 metadata:
   title: Design a solution to manage secrets, keys, and certificates
   description: "Design secrets management solutions using Azure Key Vault with appropriate access controls and lifecycle management."
-  ms.date: 01/30/2026
+  ms.date: 03/03/2026
   author: ceperezb
   ms.author: ceperezb
   ms.topic: unit
-durationInMinutes: 8
+durationInMinutes: 11
 content: |
   [!include[](includes/7-design-solution-manage-secrets-keys-certificates.md)]

learn-pr/wwl-sci/design-solutions-identity-access-management/8-knowledge-check.yml

@@ -4,7 +4,7 @@ title: Knowledge check
 metadata:
   title: Knowledge check
   description: Knowledge check for identity and access management security design.
-  ms.date: 01/30/2026
+  ms.date: 03/03/2026
   author: ceperezb
   ms.author: ceperezb
   ms.topic: unit