When you run a CI/CD pipeline, you often need confidential values like passwords, authentication tokens, service principal secrets etc. when you want to deploy a certain artefact. You don’t want to store those secrets directly in your pipelines as this might pose a considerable security leak. Instead, you either store them as secret variables, or as secrets in an Azure Key Vault. The advantage of using Azure Key Vault is that you have a centralized location for your secrets. If you need a secret somewhere else, for example in Azure Data Factory, you have to store it only once. Since
