Skip to content

Azure.DevOps.ServiceConnections.InheritedPermissions

Jump to bottom
github-actions edited this page Jan 20, 2024 · 1 revision

category: Microsoft Azure DevOps Service Connections severity: Severe online version: https://github.com/cloudyspells/PSRule.Rules.AzureDevOps/blob/main/src/PSRule.Rules.AzureDevOps/en/Azure.DevOps.ServiceConnections.InheritedPermissions.md

Azure.DevOps.ServiceConnections.InheritedPermissions

SYNOPSIS

Service connection permissions should not be inherited from the project.

DESCRIPTION

Service connection permissions should not be inherited from the project. Inherited permissions can lead to unexpected access to sensitive information and resources.

Mininum TokenType: FineGrained

RECOMMENDATION

Consider removing inherited permissions from the service connection and setting permissions explicitly.

LINKS

Clone this wiki locally