Searching in

Enter search term to find items
to navigate, to select, and to close

Azure DevOps Service Connections and Managed Identities

Posted on by Nithin Mohan TK 1 min read

Service connections let Azure DevOps deploy to Azure resources. Getting the security right is important. Here’s how to set them up properly.

Creating a Service Connection

Project Settings → Service connections → New → Azure Resource Manager

  • Automatic: Creates service principal for you
  • Manual: Use existing service principal
  • Managed Identity: For self-hosted agents

Best Practices

  • Use least-privilege: Scope to resource group, not subscription
  • Rotate credentials regularly
  • Use separate connections for prod/non-prod
  • Enable “Grant access permission to all pipelines” cautiously

Workload Identity Federation (Preview)

New in 2019: Federated credentials eliminate secrets entirely. The pipeline authenticates using OpenID Connect – no secrets to manage or rotate.

Discover more from C4: Container, Code, Cloud & Context

Subscribe to get the latest posts sent to your email.

Posted in Uncategorized
Tagged ,

WordPress database error: [User 'dataadl336' has exceeded the 'max_questions' resource (current value: 40000)]
SELECT p.ID FROM cmxg4_posts AS p WHERE (p.post_date < '2019-10-24 10:00:00' OR (p.post_date = '2019-10-24 10:00:00' AND p.ID < 15393)) AND p.post_type = 'post' AND p.post_status = 'publish' ORDER BY p.post_date DESC, p.ID DESC LIMIT 1

WordPress database error: [User 'dataadl336' has exceeded the 'max_questions' resource (current value: 40000)]
SELECT p.ID FROM cmxg4_posts AS p WHERE (p.post_date > '2019-10-24 10:00:00' OR (p.post_date = '2019-10-24 10:00:00' AND p.ID > 15393)) AND p.post_type = 'post' AND p.post_status = 'publish' ORDER BY p.post_date ASC, p.ID ASC LIMIT 1

WordPress database error: [User 'dataadl336' has exceeded the 'max_questions' resource (current value: 40000)]
SELECT SQL_CALC_FOUND_ROWS cmxg4_comments.comment_ID FROM cmxg4_comments WHERE ( comment_approved = '1' ) AND comment_post_ID = 15393 AND comment_type NOT IN ('note') ORDER BY cmxg4_comments.comment_date_gmt ASC, cmxg4_comments.comment_ID ASC

Leave a comment

Your email address will not be published. Required fields are marked *

WordPress database error: [User 'dataadl336' has exceeded the 'max_questions' resource (current value: 40000)]
SELECT option_value FROM cmxg4_options WHERE option_name = 'akismet_comment_nonce' LIMIT 1

This site uses Akismet to reduce spam. Learn how your comment data is processed.

WordPress database error: [User 'dataadl336' has exceeded the 'max_questions' resource (current value: 40000)]
SELECT option_value FROM cmxg4_options WHERE option_name = 'cookie_consent_template' LIMIT 1

WordPress database error: [User 'dataadl336' has exceeded the 'max_questions' resource (current value: 40000)]
SELECT option_value FROM cmxg4_options WHERE option_name = 'jpsq_sync_checkout'

WordPress database error: [User 'dataadl336' has exceeded the 'max_questions' resource (current value: 40000)]
SELECT COUNT(*) FROM cmxg4_jetpack_sync_queue WHERE queue_id = 'sync'