Automation account allows you to automate your Azure management tasks and to orchestrate actions across external systems from right within Azure. Recipes are coded within Runbook. Variables can store database URLs, user names and other configurations. Variables can be used to effect a runbook without changing the actual code. Exposing secrets within variables, such as passwords or keys, is not safe since an attacker may be able to access those variables and use them for lateral movement. The Automation account {AzureAutomationAccount} was found to have the following exposed secrets: {AzureAutomationAccount.SecretEnvVars}