From 114a8ef99de5d801b73e9f6bbba9dfb1f20a125a Mon Sep 17 00:00:00 2001 From: Balaga Gayatri Date: Mon, 21 Jun 2021 10:19:29 +0530 Subject: [PATCH] Update README.md --- README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/README.md b/README.md index ddddac10..53742b53 100644 --- a/README.md +++ b/README.md @@ -226,7 +226,7 @@ jobs: creds: ${{ secrets.AZURE_CREDENTIALS }} allow-no-subscriptions: true ``` -## az logout and security hardening +## Az logout and security hardening This action doesn't implement ```az logout``` by default at the end of execution. However there is no way of tampering the credentials or account information because the github hosted runner is on a vm that will get reimagined for every customer run which gets everything deleted. But if the runner is self-hosted which is not github provided it is recommended to manually logout at the end of the workflow as shown below. More details on security of the runners can be found [here](https://docs.github.com/en/actions/learn-github-actions/security-hardening-for-github-actions#hardening-for-self-hosted-runners). ```