# Secure Variable

Sometimes your CI/CD flow needs to have sensitive variables like passwords. You can’t directly write them in azure-pipelines.yml.

One way to protect your sensitives variables is to use variable groups. Let’s say you want to add the variable my-password to your pipeline.

Start by creating a variable group named secure-variable in the Library part.

Create Variable Group

Then, you can add your variable my-password inside the group.

Create Variable Group

Don’t forget to click on the padlock icon to hide the value of this variable. Save your variable group.

Finally, inject your variable group to your pipeline and print the value of the variable my-password.

  - group: 'secure-variable'
- script: echo $(my-password)
Git branch