Tuesday, November 26, 2024

Simplifying Docker Authentication in Azure DevOps with Azure Workload Identity

Credential-based authentication methods have several disadvantages, such as security risks and secret management overhead. As a solution, Azure Managed Identity and Azure Workload Identity can be used as modern, secure, non-credential-based authentication methods for workloads running outside or inside Azure.

Workload Identity Federation can now be used with an Azure DevOps Docker service connection targeting Azure Container Registry. This blog post explains how to use workload identity with an Azure DevOps Docker service connection.

Go to the Azure DevOps project settings and select Service connections.



Create a new Docker service connection by selecting Docker Registry as the service connection type and clicking Next.

Fill in all the required fields and click Save to create the service connection.

1 - Select Azure Container Registry as registry type

2 - Select Workload identity federation as Authentication type

3 - Select the Azure subscription

4 - Select the Azure Container Registry

5 - Give a name for the service connection




Now the created service connection can be used in the Docker task in build pipelines, as shown below.
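A minimal pipeline that uses such a service connection, added here as an example and not taken from the original post. The service connection name `acr-workload-identity`, the repository `samples/webapp`, the branch and the Dockerfile path are assumed placeholders. The pipeline references the service connection by name only and holds no registry username or password.

```yaml
# Added example: azure-pipelines.yml (all names are assumed placeholders)
trigger:
  - main

pool:
  vmImage: ubuntu-latest

steps:
  - task: Docker@2
    displayName: Build and push image to Azure Container Registry
    inputs:
      # Name given to the Docker service connection in step 5 (assumed)
      containerRegistry: acr-workload-identity
      # Repository inside the selected registry (assumed)
      repository: samples/webapp
      command: buildAndPush
      # Dockerfile location in the checked-out sources (assumed)
      Dockerfile: '$(Build.SourcesDirectory)/Dockerfile'
      tags: |
        $(Build.BuildId)
```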





