diff --git a/eng/pipelines/templates/jobs/ci.tests.yml b/eng/pipelines/templates/jobs/ci.tests.yml
index 2a7522914..f73f32c94 100644
--- a/eng/pipelines/templates/jobs/ci.tests.yml
+++ b/eng/pipelines/templates/jobs/ci.tests.yml
@@ -86,6 +86,12 @@ jobs:
       value: "PLAYBACK"
     - name: AZURE_LOG_LEVEL
       value: "verbose"
+    - name: Codeql.Enabled 
+      value: true
+    - name: Codeql.BuildIdentifier 
+      value: ${{ parameters.ServiceDirectory }}
+    - name: Codeql.SkipTaskAutoInjection
+      value: false
     - ${{ each testEnvVar in parameters.TestEnv }}:
       - name: ${{ testEnvVar.Name }}
         value: ${{ testEnvVar.Value }}
diff --git a/eng/pipelines/templates/variables/globals.yml b/eng/pipelines/templates/variables/globals.yml
index b782b8823..1381498ce 100644
--- a/eng/pipelines/templates/variables/globals.yml
+++ b/eng/pipelines/templates/variables/globals.yml
@@ -20,3 +20,6 @@ variables:
   skipComponentGovernanceDetection: true
   DisableDockerDetector: true
   Package.EnableSBOMSigning: true
+
+  # Disable CodeQL injections except for where we specifically enable it
+  Codeql.SkipTaskAutoInjection: true