CODEWITHSUNDEEP
azureazure-devopsazure-cliserviceconnection
Nomi
Nomi

Reputation: 3

How to create service connection Azure DevOps from type AzureRM (automatic) (using service principal- automatic)

I need to create a connection from many projects in Azure DevOps to my subscription in Azure. I also need him will be from type azure resource manager and that their service principal will be create automatily.

I try to use Azure CLI but the only solution that I found to create azureRM (as written in this link: create azurerm service endpoint) but you need to give him a service principal that already exists.

How I can create a service connection that will be created automatically service principal? like in the UI options: azurerm - service principal (aoutomatic)

Upvotes: 0

Views: 462

Answers (1)

SiddheshDesai
SiddheshDesai

Reputation: 8195

Unfortunately, There's no other command to create Azure Service connection automatically. Refer here And for service principal and managed identity you need to create it manually. Refer here.

As this option is still in Public Preview not all features are available.

You need to create it with the CLI command below, by mentioning your Service Principal details:-

CLI Command:-

az devops service-endpoint azurerm create --azure-rm-service-principal-id "xxxxx6d26a31435cb" --azure-rm-subscription-id "xxxxx7cb2a7" --azure-rm-subscription-name "xxx subscription" --azure-rm-tenant-id "xxxxx-af9038592395" --name "AzureSp"

Output:-

enter image description here

enter image description here

You can achieve same result with Azure CLI Task in Azure DevOps:-

YAML pipeline:-

trigger:
- main

pool:
  vmImage: ubuntu-latest

variables:
 AZURE_DEVOPS_EXT_PAT: xxxxxxxxzz2jo34pa

steps:
- task: AzureCLI@2
  inputs:
    azureSubscription: 'xxx subscription (xxxxxxxxxxxa7)'
    scriptType: 'bash'
    scriptLocation: 'inlineScript'
    inlineScript: |
      #export AZURE_DEVOPS_EXT_PAT=xxxxxxxz2jo34pa
      export AZURE_DEVOPS_EXT_AZURE_RM_SERVICE_PRINCIPAL_KEY=xxxxxxx4_w0N4Yc9B
      echo $(AZURE_DEVOPS_EXT_PAT) | az devops login --organization https://dev.azure.com/sid24desai0738
      
      az devops service-endpoint azurerm create --azure-rm-service-principal-id "xxxxxx403c-9fe4-11971d950312" --azure-rm-subscription-id "xxxxxxxxxxe97cb2a7" --azure-rm-subscription-name "xxx subscription" --azure-rm-tenant-id "xxxxx038592395" --name "Azuremyapp"

You can also call the Rest API to achieve the same task, Refer this SO Answer

Upvotes: 0

Related Questions