Creating a Service Connection on Azure DevOps to Authenticate Azure

Introduction

Integrating Azure with Azure DevOps allows you to leverage the powerful CI/CD capabilities of Azure DevOps while managing your infrastructure and applications on Microsoft Azure. To enable this integration, you need to create a service connection in Azure DevOps that authenticates with Azure. This blog post will guide you through the steps to set up this service connection.

Prerequisites

  • Azure Subscription: Ensure you have an active Azure subscription.
  • Azure DevOps Account: Ensure you have an active Azure DevOps organization and project.
  • Service Principal in Azure: Create a service principal in Azure with the necessary permissions.

Step-by-Step Guide

1. Create a Service Principal in Azure
  • Open the Azure Portal.
  • Navigate to Azure Active Directory > App registrations.
  • Click New registration.
  • Provide a name for the application (e.g., “AzureDevOpsServicePrincipal”).
  • Select the supported account types (e.g., “Accounts in this organizational directory only”).
  • Click Register.
2. Generate a Client Secret for the Service Principal
  • In the App registrations page, select the application you just created.
  • Navigate to Certificates & secrets.
  • Click New client secret.
  • Provide a description and set an expiration period.
  • Click Add.
  • Copy the client secret value and save it securely. You will need it later.
3. Assign Roles to the Service Principal
  • Navigate to your subscription or resource group where you want to grant access.
  • Click Access control (IAM).
  • Click Add > Add role assignment.
  • Select the appropriate role (e.g., Contributor).
  • Search for your service principal by name and select it.
  • Click Save.
4. Create a Service Connection in Azure DevOps
  • Go to your Azure DevOps project.
  • Navigate to Project Settings > Service connections.
  • Click New service connection.
  • Select Azure Resource Manager from the list of service connection types.
  • Click Next.
5. Configure the Service Connection
  • In the New Azure service connection window, provide the following details:
    • Scope level: Select Subscription.
    • Subscription: Select your Azure subscription.
    • Resource Group: Optionally, specify a resource group.
    • Service principal (manual): Select this option.
    • Subscription ID: Enter your Azure subscription ID.
    • Service principal ID: Enter the application (client) ID of your service principal.
    • Service principal key: Enter the client secret value you saved earlier.
    • Tenant ID: Enter your Azure Active Directory tenant ID.
    • Service connection name: Provide a name for your service connection.
  • Click Verify and save to test the connection and save it.
6. Use the Service Connection in Pipelines
  • In your Azure DevOps pipeline YAML file, reference the service connection to authenticate with Azure.
  • Example:
pool:
  vmImage: 'ubuntu-latest'

steps:
- task: AzureCLI@2
  inputs:
    azureSubscription: '<Your Service Connection>'
    scriptType: 'bash'
    scriptLocation: 'inlineScript'
    inlineScript: |
      az login --service-principal -u $(servicePrincipalId) -p $(servicePrincipalKey) --tenant $(tenantId)
      az account set --subscription $(subscriptionId)
      # Add your Azure commands here
Conclusion

By following these steps, you can create a service connection in Azure DevOps to authenticate with Azure. This setup allows you to seamlessly integrate Azure with your Azure DevOps pipelines, enabling efficient CI/CD processes for your applications and infrastructure.

Feel free to reach out if you have any questions or need further assistance! Happy deploying! 

I hope this helps! Let me know if you need any more details or have other questions.

Comments

Post a Comment

Comments are always welcome, that will help us to motivate ourselves and improve our services. Thanks!!

Popular posts from this blog

How to update build number in Azure DevOps pipeline?

Azure DevOps Pipelines are an essential part of any software development process . They allow you to build, test, and deploy your application automatically, providing you with a continuous integration and deployment (CI/CD) solution that ensures your code is always up-to-date and ready to be shipped. One crucial element of any build process is the build number. This number uniquely identifies each build, making it easy to track changes and ensure that you're always using the latest version of your software. In this blog post, we'll take a look at the command to update the build number on an Azure DevOps Pipeline. What is the Build Number? The build number is a unique identifier for each build that's created in your pipeline. It's typically a combination of the pipeline name and a unique number that increments with each build. The build number is essential for tracking changes and ensuring that you're always using the latest version of your software. Why Update the B...
Read more

How to get latest build ID from Azure DevOps pipeline?

Azure Pipelines is a cloud-based service that allows you to continuously build, test, and deploy your applications . It provides a wide range of features to support continuous integration and continuous delivery (CI/CD) workflows. One of the essential features of Azure Pipelines is the ability to retrieve the latest build ID programmatically. In this blog post, we will explore how to get the latest build ID from an Azure Pipeline. Firstly, let's understand what a build ID is. A build ID is a unique identifier assigned to each build in Azure Pipelines . It is used to track the status and progress of a particular build. The build ID is generated automatically and is incremented for each new build. It is essential to know the latest build ID to retrieve the artifacts produced by the build or to trigger the next build in the pipeline. Now let's dive into the steps to get the latest build ID from an Azure Pipeline programmatically: Step 1: Create a Personal Access Token (PAT) To ret...
Read more

How to install AWS System Manager (SSM) Agent on windows using PowerShell?

Image
Welcome to itscloudhub!! In the previous post, we were looked how to install AWS SSM Agent on Linux Distribution. In this blog post, we will discuss how to install AWS SSM Agent on Windows machine. https://www.itscloudhub.com/2022/03/how-to-install-aws-system-manager-ssm.html AWS Systems Manager Agent (SSM Agent) is preinstalled, by default, on the following Amazon Machine Images (AMIs): 1. Windows Server 2008-2012 R2 AMIs published in November 2016 or later 2. Windows Server 2016, 2019, and 2022 If your managed instance is a Windows Server 2008-2012 R2 instance created before November 2016, then EC2Config processes Systems Manager requests on your instance. We recommend that you upgrade your existing instances to use the latest version of EC2Config . By using the latest EC2Config installer, you install SSM Agent side-by-side with EC2Config. This side-by-side version of SSM Agent is compatible with your instances created from earlier Windows Server AMIs and allows you to use SSM fe...
Read more