Machine Identity Extension for Azure DevOps
Updated Oct. 3 2021

Venafi’s open source VCert provides a CLI for core security operations including key generation and certificate acquisition. Integrating VCert and Azure DevOps through this Machine Identity Management Development Fund project greatly streamlines and secures the application deployment process.
Business Outcomes
  • Give security teams the visibility and intelligence they need to ensure applications are protected with secure machine identities

  • Provide Application and Operation teams the ability to consume machine identities automatically, inside the tools they’re already using every day 

Integration Features
  • Fully automate machine identity issuance and provisioning in development pipelines

  • Enable crypto-agility through Venafi's native and partner-built CA integration

Solution Overview

Greg Brownstein is a well-known developer in the Venafi ecosystem. In this Indie Devs project, he has made Venafi VCert functionality available to Azure DevOps. DevOps processes -- specifically Continuous Integration and Continuous Deployment (CI/CD) -- are now an integral part of releasing any software project. Azure DevOps provides both Pipelines and Releases to fulfill this need.

A standard Azure DevOps extension architecture will be used in this project. The extension code will be stored in GitHub and deployed to the Azure Marketplace via Azure DevOps pipelines. Customers can add the extension to their Azure DevOps instance via the Marketplace and then use it in their build and release pipelines. The extension will be compatible with both Venafi Trust Protection Platform and Venafi as a Service.