koszewscy/ado-sk-toolkit-extension
3
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
93615a1b1e44ce06ef91b1c1e80080dfa7a07a20
ado-sk-toolkit-extension/overview.md

994 B
Raw Blame History

Azure Federated Auth Task

AzureFederatedAuth@1 is an Azure Pipelines task that requests an OIDC token for an AzureRM service connection configured for workload identity federation.

It is designed for pipelines that need ARM federation variables without storing long-lived secrets.

What It Sets

  • ARM_OIDC_TOKEN (secret)
  • ARM_TENANT_ID
  • ARM_CLIENT_ID
  • GIT_ACCESS_TOKEN (secret, optional)

Task Input

  • serviceConnectionARM (required): Azure Resource Manager service connection
  • setGitAccessToken (optional): exchanges OIDC assertion for Azure DevOps scope and sets GIT_ACCESS_TOKEN

Prerequisites

  • AzureRM service connection using workload identity federation
  • Pipeline access to System.AccessToken
  • Linux YAML agents

Example

- task: AzureFederatedAuth@1
  inputs:
    serviceConnectionARM: 'my-arm-service-connection'
    setGitAccessToken: true

Repository

https://gitea.koszewscy.waw.pl/koszewscy/ado-azurefederatedauth-task.git

Reference in New Issue View Git Blame Copy Permalink