How can we automate service connection creation process in azure devops

Question

Given that azure app service setup is done in azure portal and azure devops pipeline is setup as well except the service connection. Is there a way to automate service connection creation using arm template based infrastructure yaml pipeline? We want to run this pipeline and update service connection in user yaml pipeline.

Answer 1

Is there a way to automate service connection creation using arm template based infrastructure yaml pipeline?

ARM template is used to deploy the azure service. It can not used to creating a service connection in azure devops until now.

Based on your scenario, I think you can consider to make use of rest api by using Powershell task with below script:

$token = "{PAT token}"

$url="https://dev.azure.com/{org name}/{project name}/_apis/serviceendpoint/endpoints?api-version=5.1-preview.2"

$token = [System.Convert]::ToBase64String([System.Text.Encoding]::ASCII.GetBytes(":$($token)"))

$body = @"
{
  "authorization": {
    "parameters": {
      "tenantid": "{tenant id}",
      "serviceprincipalid": "{principal id}",
      "authenticationType": "spnKey",
      "serviceprincipalkey": "{principal key}"
    },
    "scheme": "ServicePrincipal"
  },
  "data": {
    "subscriptionId": "{subscription id}",
    "subscriptionName": "{subscription name}",
    "environment": "AzureCloud",
    "scopeLevel": "Subscription"
  },
  "name": "{service connection name}",
  "type": "azurerm",
  "url": "https://management.azure.com/"
}
"@

$response = Invoke-RestMethod -Uri $url -Headers @{Authorization = "Basic $token"} -Method Post -Body $Body -ContentType application/json

You will see that the corresponding service connection is created after this task executed.