Reputation: 195
Getting permissions error when trying to deploy to a azure resource in a pipeline in azure devops
I hope someone can help me.
I am creating a pipeline in Azure Devops taking an existing reference yaml where I basically have a step where I need to deploy to an Azure resource function, within an Azure subscription, from which I have permissions to read, create and delete resources.
The deploy step is:
Settings
- task: AzureFunctionApp@1
inputs:
azureSubscription: 'private-suscription-dont-show-name'
appType: 'functionApp'
appName: 'chatbot-service-functions2'
package: '$(System.DefaultWorkingDirectory)/**/*.zip'
deploymentMethod: 'auto'
Basically I click on the setting option and it opens a menu for me.
I choose in the option "Azure subscription" the subscription where I have the resource that I want to deploy, the name of the subscription appears and I choose it without any problem.
At the same time that I choose the name of the subscription I get an option "Authorize" in which I click, and immediately I get an error:
Service connection with name 'private-suscription-dont-show-name' already exists. Only a user having Administrator/User role permissions on service connection 'private-suscription-dont-show-name' can see it.
My question is why can't I deploy, using autocomplete, to a resource within a subscription in which I have permission to read, create and delete resources? Do I have any other option to deploy without autocomplete?
Upvotes: 2
Views: 12936
Answers (1)
Reputation: 14044
This is related to the Security for service connections on DevOps.
The users who have Administrator or User role on a service connection can use this service connection. The Reader role can see the service connection but not use it.
If you (or the group/team you are in) are not added as a member on the User permissions of a service connection, generally you have no access to see and use this service connection in the project.
To gain the permissions on a service connection, you need to contact the Project Administrators or the Administrators on this service connection to grant you the Administrator or User role on this service connection.
Upvotes: 3
Related Questions
- While executing Azure DevOps build pipeline - got the message: This pipeline needs permission to access resources before this continue
- Azure DevOps pipeline cannot copy to Azure storage
- Azure Build Pipeline - Permission Required
- Run Azure devops pipeline as a azure AD user user
- Azure DevOps - permissions issue with deployment groups
- Error: "There was a resource authorization issue: The pipeline is not valid."
- Azure DevOps, unable to create pipeline due to insufficient AD permission
- Azure DevOps Manage IIS task deploy fails due to insufficent permissions yet account is in local admin group
- Azure DevOps Pipelines not respecting RBAC permissions
- Error Deploying to Azure in Build pipeline