AZ-400 Question #536: Real Exam Question with Answer & Explanation

Question

Drag and Drop Question You have a GitHub repository named repo1 and an Azure key vault named kv1. In repo1, you plan to create a workflow named Workflow1 that will deploy a database server by using credentials stored in kv1. You need to ensure that Workflow1 can retrieve the credentials from kv1. Which three actions should you perform in sequence? To answer, move the appropriate actions from the list of actions to the answer area and arrange them in the correct order. NOTE: More than one order of answer choices is correct. You will receive credit for any of the correct orders you select. Answer:

Explanation

To allow a GitHub Actions workflow to retrieve secrets from Azure Key Vault, you must first create a service principal in Microsoft Entra ID (formerly Azure AD), which acts as the identity that GitHub Actions will use to authenticate with Azure. Next, you grant that service principal the appropriate secret permissions on kv1 (e.g., 'Get' permission on secrets) so it can read the credentials. Finally, you reference those credentials in Workflow1 using the Azure Key Vault action or environment variables, completing the integration.

No community discussion yet for this question.