Workload identity federation for Azure deployments is now generally available - Azure DevOps Blog

Workload identity federation for Azure deployments is now generally available - Azure DevOps Blog

Briefly

Azure service connections that use workload identity federation are easier to manage and more secure.

Azure DevOps Bloghttps://devblogs.microsoft.com/devops/workload-identity-federation-for-azure-deployments-is-now-generally-available/

This provides a stricter constraint than a secret, which could unintentionally be leaked and used for other purposes or from other locations.

Azure DevOps Bloghttps://devblogs.microsoft.com/devops/workload-identity-federation-for-azure-deployments-is-now-generally-available/

Configuration of an Azure service connection with workload identity federation is a one-time setup. You don't have to worry about expiring secrets that have to be rotated in order for the service connection to stay operational.

Azure DevOps Bloghttps://devblogs.microsoft.com/devops/workload-identity-federation-for-azure-deployments-is-now-generally-available/