-
Notifications
You must be signed in to change notification settings - Fork 4
2: Keeping secrets secret
Kevin Chant edited this page Jul 28, 2022
·
1 revision
One thing that is important to realize when working with pipelines is that you need to avoid putting sensitive information about Azure SQL Database inside your workflows.
A good example of how somebody can accidentally expose sensitive information can be found in my post 'Keep your Azure Synapse secrets secret in Azure DevOps'.
In reality, there are a various ways you can keep sensitive information secure when working with pipelines within the Azure Pipelines service in Azure DevOps. Including the below methods:
- Adding variables to a pipeline for use only in that pipeline.
- Creating a variable group in the Library feature and adding secrets manually.
- Creating a variable group in the Library feature and linking it to an Azure Key Vault service.
- Adding a task in your pipeline to call Azure Key Vault and reference the secrets in the Key Vault as if they were variables.
Due to more companies requesting the use of Azure Key Vault options 3 and 4 may be more appealing to you.
For more information about the above feel free to read my post 'Keep your Azure Synapse secrets secret in Azure DevOps'.