category	severity	online version
Microsoft Azure DevOps Service Connections	Critical	https://github.com/cloudyspells/PSRule.Rules.AzureDevOps/blob/main/src/PSRule.Rules.AzureDevOps/en/Azure.DevOps.ServiceConnections.ClassicAzure.md

Azure.DevOps.ServiceConnections.ClassicAzure

SYNOPSIS

A Service connection should not use the Classic Azure service connection type.

DESCRIPTION

A service connection is a securely stored object that contains information about how to connect to a service. Service connections are used during the build or release pipeline to connect to external and remote resources. The Classic Azure service connection type can not be scoped to a specific resource group or subscription. This means that any user with access to the service connection can deploy to any resource group or subscription. Also the Classic Azure service connection type does not support modern ways of authentication.

Mininum TokenType: ReadOnly

RECOMMENDATION

Consider using a service connection type that can be scoped to a specific resource group with modern authentication.

LINKS

Azure DevOps security best practices
Create a service connection

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Azure.DevOps.ServiceConnections.ClassicAzure.md

Azure.DevOps.ServiceConnections.ClassicAzure.md

Azure.DevOps.ServiceConnections.ClassicAzure

SYNOPSIS

DESCRIPTION

RECOMMENDATION

LINKS

Files

Azure.DevOps.ServiceConnections.ClassicAzure.md

Latest commit

History

Azure.DevOps.ServiceConnections.ClassicAzure.md

File metadata and controls

Azure.DevOps.ServiceConnections.ClassicAzure

SYNOPSIS

DESCRIPTION

RECOMMENDATION

LINKS