The connection between Azure and Azure DevOps make via service connection who we can create directly on AzureDevOps. In my case, i already create one Resource Group on azure, now I will create service connection who has right to write just for this Resource Group. This method helps to prevent mistakes we can make when we have too much right. (With great power comes great responsibility).
Connect to your Azure DevOps project.
On the main page click on Project Settings.
Click on Service Connections.
Search for Azure and choose Azure Resource Manager and click Next.
Choose a Service Principal (automatic) and click on Next.
Choose the good subscription, Resource Group, put some name, description and don’t forget to give access to all the pipelines if you don’t need to authorize them manually later and click on Save.
If there not already exist, create the team who will have right to use the service connection. On the main page of your Azure DevOps project in Project Settings click on Teams and click on New Team.
Fill in forms and with Team Name, members, the rights of the team on the project and click to Create.
Give the Read Right on the Service connexion to the team by clicking on Project Settings on main page of your project, click on Service Connections and click on the name of service connexion you want to modify.
Click on the 3 small points right on top of the page and click on Security
Click on Add in User Permissions an add your team with User Right.
You can run your pipeline with this Service Connection
Leave a Reply