Exam AZ-400 topic 4 question 23 discussion

Correct

Anwer is correct, because in a variable group you can link a key vault. Then you can make the group available to everyone. This way you can ensure that every pipeline can use the variables. Better useability then using tasks in every pipeline.

The correct answer is: A. Create a variable group in Project1 Why other options are incorrect: B. Add a secure file to Project1: Secure files are used to upload files (e.g., certificates) securely to pipelines. This does not apply to referencing Azure Key Vault secrets. C. Modify the security settings of the pipelines: Changing pipeline security settings does not provide the functionality needed to securely reference Key Vault secrets. D. Configure the security policy of Contoso: Configuring a security policy at the organizational level is not required to link Azure Key Vault secrets to pipelines. Security policies are broader and do not directly address this scenario.

Correct

A. Create a variable group in Project1.

Agree with A

Correct answer and relevant explanation

A is the correct answer

I chose A when I sat on this exam, and I passed :)

Given link supports A as the answer

Variable group for accessing Azure Key Vault

Correct

Correct answer https://docs.microsoft.com/en-us/azure/devops/pipelines/library/variable-groups?view=azure-devops&tabs=yaml#link-secrets-from-an-azure-key-vault

This question came out too, August 2021

Got this in the AZ-400 exam (June 2021).

Question already repeated.

Using Variable Group is a right answer but Secrets stored in vault1 in all the pipelines of Project1 can be directly accessed if we add a KeyVault Task in the pipeline, whats the purpose of reading it into Variable group, for sharing it across many stages in pipeline ? can someone throw more light