This article will give an introduction to and guide you through what OpenID Connect can offer to harden the security of your GitHub Actions workflows that deploys to your Azure​ environment. A public companion repository will follow the blog post.

With the latest innovations within Azure Identity and GitHub we can remove the need for managing service principals and their secrets - and at the same time configure our Azure environments and Github Actions configuration to increase security and minimize management overhead.

This session is suitable for cloud and automation engineers at any level with an interest in topics like infrastructure-as-code, security, automation, CI/CD pipelines and identity management.​

Link to post: https://www.mxe.no/posts/securing-gh-actions-oidc/