Learn the correct sequence of actions to ensure a GitHub workflow can retrieve credentials from an Azure key vault, including creating a service principal and granting key permissions.
Table of Contents
Question
You have a GitHub repository named repo1 and an Azure key vault named kv1.
In repo1, you plan to create a workflow named Workflow1 that will deploy a database server by using credentials stored in kv1.
You need to ensure that Workflow1 can retrieve the credentials from kv1.
Which three actions should you perform in sequence? To answer, move the appropriate actions from the list of actions to the answer area and arrange them in the correct order.
NOTE: More than one order of answer choices is correct. You will receive credit for any of the correct orders you select.
Actions:
- Grant secret permissions to kv1.
- Reference the credentials in Workflow1.
- Create a personal access token (PAT) in GitHub.
- Grant key permissions to kv1.
- Create a service principal in Microsoft Entra ID.
Answer
- Create a service principal in Microsoft Entra ID.
- Grant key permissions to kv1.
- Reference the credentials in Workflow1.
Explanation
To ensure that Workflow1 in your GitHub repository repo1 can retrieve the credentials from your Azure key vault kv1, you should perform the following actions in sequence:
1. Create a service principal in Microsoft Entra ID.
A service principal is an identity created for use with applications, hosted services, and automated tools to access Azure resources. Creating a service principal allows you to delegate access to the key vault with the necessary permissions.
2. Grant key permissions to kv1.
After creating the service principal, you must grant it the appropriate key permissions on the kv1 key vault. This allows the service principal to access and retrieve the credentials stored in the key vault.
3. Reference the credentials in Workflow1.
Finally, update Workflow1 in your GitHub repository to reference the credentials stored in kv1 using the service principal created in step 1. This enables the workflow to securely retrieve the credentials during the database server deployment process.
By following these steps in the correct order, you ensure that your GitHub workflow can securely access the necessary credentials from your Azure key vault, allowing for a successful deployment of your database server.
Microsoft AZ-400 certification exam assessment practice question and answer (Q&A) dump including multiple choice questions (MCQ) and objective type questions, with detail explanation and reference available free, helpful to pass the Microsoft AZ-400 exam and earn Microsoft AZ-400 certification.