Azure Workload identity federation with Azure DevOps

About 2 months ago I wrote a blog post about workload identity federation with GitHub Actions. When an application needs to access cloud-based resources, authentication and authorization often have to be considered. With workload identity federation there is no need to use any keys or secrets. For example, Google Cloud Platform and Microsoft Azure provide this great feature. And now this feature has also been released for Azure DevOps! This means that organizations can now take advantage of it to provide an even more secure way to connect to Azure from Azure DevOps, or rather Azure Pipelines, via a Service Connection. ...

October 1, 2023 · 6 min · Arash Jalalat

Use (User)-managed identity with Azure Identity library to connect to Azure DevOps

With the service principal & managed identity support that Microsoft recently introduced in Azure DevOps, it is now possible to replace the less secure Personal Access Token (PAT) when connecting to Azure DevOps resources. These resources, such as Work Items, Pipelines and Repositories, can be accessed via the Azure DevOps API, which is used by many automated processes. An example could be an Azure Function app. In this article I want to show how you can connect to Azure DevOps with a user managed identity using the Azure Identity library. This library is recommended if you intend to work, or are already working, with a C# codebase. The user managed identity is an Azure resource that can be easily managed in Azure. ...

May 12, 2023 · 3 min · Arash Jalalat