AZ-400 · Question #536
Drag and Drop Question You have a GitHub repository named repo1 and an Azure key vault named kv1. In repo1, you plan to create a workflow named Workflow1 that will deploy a database server by using cr
The correct answer is Create a service principal in Microsoft Entra ID.; Grant secret permissions to kv1.; Reference the credentials in Workflow1.. To allow a GitHub Actions workflow to retrieve secrets from Azure Key Vault, you must first create a service principal in Microsoft Entra ID (formerly Azure AD), which acts as the identity that GitHub Actions will use to authenticate with Azure. Next, you grant that service princ
Question
Exhibit
Answer Area
Drag items
Correct arrangement
- Create a service principal in Microsoft Entra ID.
- Grant secret permissions to kv1.
- Reference the credentials in Workflow1.
Explanation
To allow a GitHub Actions workflow to retrieve secrets from Azure Key Vault, you must first create a service principal in Microsoft Entra ID (formerly Azure AD), which acts as the identity that GitHub Actions will use to authenticate with Azure. Next, you grant that service principal the appropriate secret permissions on kv1 (e.g., 'Get' permission on secrets) so it can read the credentials. Finally, you reference those credentials in Workflow1 using the Azure Key Vault action or environment variables, completing the integration.
Topics
Community Discussion
No community discussion yet for this question.
