
Azure DevOps Service Connections and Managed Identities

Service connections let Azure DevOps deploy to Azure resources. Each one carries an identity with rights in Azure, so getting its security right is important. Here’s how to set them up properly.

Creating a Service Connection

Project Settings → Service connections → New → Azure Resource Manager

  • Automatic: creates a service principal for you
  • Manual: uses an existing service principal
  • Managed Identity: for self-hosted agents

Best Practices

  • Use least privilege: scope to a resource group, not the subscription
  • Rotate credentials regularly
  • Use separate connections for prod/non-prod
  • Enable “Grant access permission to all pipelines” cautiously
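
One way to check the scoping practice above is to audit the role assignments held by the service principals behind your connections. This is an added example, not code from the original post: it assumes input in the shape of `az role assignment list --all -o json`, and the subscription ID, principal names and resource groups in the sample are constructed.

```python
import json
import re

# Constructed sample in the shape of `az role assignment list --all -o json`;
# the subscription ID, principal names and resource groups are made up.
SUB = "/subscriptions/00000000-0000-0000-0000-000000000000"
SAMPLE = json.dumps([
    {"principalName": "sc-shop-dev", "principalType": "ServicePrincipal",
     "roleDefinitionName": "Contributor", "scope": SUB + "/resourceGroups/rg-shop-dev"},
    {"principalName": "sc-shop-prod", "principalType": "ServicePrincipal",
     "roleDefinitionName": "Contributor", "scope": SUB},
    {"principalName": "sc-legacy", "principalType": "ServicePrincipal",
     "roleDefinitionName": "Owner", "scope": SUB + "/resourceGroups/rg-legacy"},
    {"principalName": "alice@example.com", "principalType": "User",
     "roleDefinitionName": "Owner", "scope": SUB},
])

SUB_RE = re.compile(r"^/subscriptions/[^/]+/?$", re.I)
RG_RE = re.compile(r"^/subscriptions/[^/]+/resourceGroups/[^/]+/?$", re.I)
MG_PREFIX = "/providers/microsoft.management/managementgroups/"


def scope_level(scope):
    """Classify an ARM scope string by how much it covers."""
    if scope == "/" or scope.lower().startswith(MG_PREFIX):
        return "management-group"
    if SUB_RE.match(scope):
        return "subscription"
    if RG_RE.match(scope):
        return "resource-group"
    return "resource"  # anything deeper than a resource group


def audit(assignments_json):
    """Return (principal, role, finding) for service principals that break least privilege."""
    findings = []
    for a in json.loads(assignments_json):
        if a.get("principalType") != "ServicePrincipal":
            continue  # service connections authenticate as service principals
        level = scope_level(a["scope"])
        if level in ("subscription", "management-group"):
            findings.append((a["principalName"], a["roleDefinitionName"], "scope too broad: " + level))
        elif a["roleDefinitionName"] in ("Owner", "User Access Administrator"):
            findings.append((a["principalName"], a["roleDefinitionName"], "role can grant access to others"))
    return findings


if __name__ == "__main__":
    print(*audit(SAMPLE), sep="\n")
```

To run it against a real tenant, pass the JSON text from the CLI to `audit()` in place of `SAMPLE`.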

Workload Identity Federation (Preview)

New in 2019: Federated credentials eliminate secrets entirely. The pipeline authenticates using OpenID Connect – no secrets to manage or rotate.

