diff --git a/build/template-install-keyvault-secrets.yaml b/build/template-install-keyvault-secrets.yaml
index e5993fd197..332079a1d3 100644
--- a/build/template-install-keyvault-secrets.yaml
+++ b/build/template-install-keyvault-secrets.yaml
@@ -2,13 +2,15 @@
 # Install all secrets needed from KeyVault onto the build machine.
 
 steps:
-- task: AzureKeyVault@1
-  displayName: 'Azure Key Vault: buildautomation'
+# Task to download Azure Key Vault secrets using the Azure Key Vault task version 2.
+- task: AzureKeyVault@2
+  displayName: 'Connect to Key Vault'
   inputs:
-    azureSubscription: '.NET Keyvault'
-    KeyVaultName: buildautomation
-    SecretsFilter: 'AzureADIdentityDivisionTestAgentCert'
-
+    azureSubscription: 'AuthSdkResourceManager' # string. Workload identity service connection to use managed identity authentication
+    KeyVaultName: 'buildautomation' # string. Required. The name of the Key Vault containing the secrets.
+    #setting secrets filter to fetch only AzureADIdentityDivisionTestAgentCert cert from the vault
+    SecretsFilter: 'AzureADIdentityDivisionTestAgentCert' # string. Required. Specifies the secret to download. Use '*' for all secrets.
+    #RunAsPreJob: false # boolean. Make secrets available to whole job. Default: false.
 
 - powershell: |
    $kvSecretBytes = [System.Convert]::FromBase64String('$(AzureADIdentityDivisionTestAgentCert)')