Limit variables that can be set at queue time.

Why This Matters

Allowing variables to be set at queue time introduces the risk of unauthorized or malicious pipeline modifications. Attackers or internal users may inject arbitrary values that alter build and release behavior, potentially leading to code tampering or deployment of compromised artifacts. Restricting this capability reduces the attack surface and ensures pipeline integrity.

What Aether365 Checks

Aether365 verifies whether your Azure DevOps project settings restrict which variables can be overridden at queue time. This check appears in the Aether365 dashboard under microsoft-365 checks.