Enterprise-Scale icon indicating copy to clipboard operation
Enterprise-Scale copied to clipboard

Published 20 hours ago verified publisher icon Azure

Bug Bash: Secrets stored in Subscription is a security concern

Open krowlandson opened this issue 4 years ago • 2 comments

Describe the bug

When running the deployment template for Enterprise-Scale with the option to Deploy integrated CICD pipeline set to Yes, this is generating a set of resources in the Management Subscription, including a Key Vault containing Secrets.

Due to the nature of these secrets (Personal Access Token from an external service, linked to a user), this should be clearly communicated to the person running the deployment to raise awareness of this behaviour.

Steps to reproduce

  1. Run Deploy-to-Azure with option to Deploy integrated CICD pipeline set to Yes

Screenshots

krowlandson avatar Mar 19 '21 15:03 krowlandson

Trigger ADO Sync 1

jtracey93 avatar Sep 11 '22 07:09 jtracey93

Trigger ADO Sync 2

jtracey93 avatar Sep 11 '22 07:09 jtracey93