4.1.1. Authentication and Authorization

Authentication and authorization in DevOps pipelines determine what code can access which resources. The shift from stored secrets to identity-based authentication represents one of the most important security improvements in modern DevOps. This section covers managed identities, service principals, workload identity federation, and the hierarchy of authentication methods from most to least secure.