From c35d61b8ed62bf778ab471bac9932cb03bd76c2a Mon Sep 17 00:00:00 2001
From: Gladwin Johnson <90415114+gladjohn@users.noreply.github.com>
Date: Fri, 22 Mar 2024 11:25:02 -0700
Subject: [PATCH] Use MSI based Resource Manager for Builds / Tests (#4674)

* Update template-install-keyvault-secrets.yaml

* Update template-install-keyvault-secrets.yaml

* Update template-install-keyvault-secrets.yaml

* Update template-install-keyvault-secrets.yaml

* Update template-install-keyvault-secrets.yaml
---
 build/template-install-keyvault-secrets.yaml | 14 ++++++++------
 1 file changed, 8 insertions(+), 6 deletions(-)

diff --git a/build/template-install-keyvault-secrets.yaml b/build/template-install-keyvault-secrets.yaml
index e5993fd197..332079a1d3 100644
--- a/build/template-install-keyvault-secrets.yaml
+++ b/build/template-install-keyvault-secrets.yaml
@@ -2,13 +2,15 @@
 # Install all secrets needed from KeyVault onto the build machine.
 
 steps:
-- task: AzureKeyVault@1
-  displayName: 'Azure Key Vault: buildautomation'
+# Task to download Azure Key Vault secrets using the Azure Key Vault task version 2.
+- task: AzureKeyVault@2
+  displayName: 'Connect to Key Vault'
   inputs:
-    azureSubscription: '.NET Keyvault'
-    KeyVaultName: buildautomation
-    SecretsFilter: 'AzureADIdentityDivisionTestAgentCert'
-
+    azureSubscription: 'AuthSdkResourceManager' # string. Workload identity service connection to use managed identity authentication
+    KeyVaultName: 'buildautomation' # string. Required. The name of the Key Vault containing the secrets.
+    #setting secrets filter to fetch only AzureADIdentityDivisionTestAgentCert cert from the vault
+    SecretsFilter: 'AzureADIdentityDivisionTestAgentCert' # string. Required. Specifies the secret to download. Use '*' for all secrets.
+    #RunAsPreJob: false # boolean. Make secrets available to whole job. Default: false.
 
 - powershell: |
    $kvSecretBytes = [System.Convert]::FromBase64String('$(AzureADIdentityDivisionTestAgentCert)')