To use a service connection in a PowerShell task in Azure DevOps, you need to create a service connection first. This connection will allow your pipeline to interact with the external service.
A service connection is a secure way to store credentials and other sensitive information that your pipeline needs to access external services. You can create a service connection by going to Project Settings > Service connections.
In the Azure DevOps pipeline, you can then use the service connection in a PowerShell task by specifying the connection name in the task settings. This will allow your pipeline to use the credentials and other settings stored in the service connection.
Setting Up Azure DevOps
To set up Azure DevOps, you'll first need to visit the "Service connections" page of your Azure DevOps portal at https://dev.azure.com/YOUR-ADO-ORG-NAME/YOUR-ADO-PROJECT-NAME/_settings/adminservices.
Click the "New service connection" button in the upper right corner of the page.
Next, click the "Azure Resource Manager" option in the flyout panel at right, and then click the "Next" button in the lower-right corner of the flyout panel.
You'll then need to select the "Service principal (manual)" option in the flyout panel at right, and click the "Next" button.
Leave "Environment" set to "Azure Cloud" and "Scope Level" set to "Subscription".
Type the ID of the subscription in which you rented web hosting resources into the "Subscription ID" field.
Enter the name of that same subscription into the "Subscription Name" field.
You'll need to type the client ID of the AAD Application Registration you created earlier into the "Service Principal ID" field.
Type the secret associated with the AAD Service Principal that your ADO Service Connection is intended to represent into the "Service principal key" field.
Lastly, type the ID of the tenant in which you rented web hosting resources into the "Tenant ID" field.
After filling in all the necessary information, click the "Verify" button to ensure your service connection is set up correctly.
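The portal steps above can also be scripted. The following is an added example, not code from the original page: it assumes the Azure CLI with the azure-devops extension is installed and already signed in to the organization, and the parameter names are illustrative.

```powershell
# Added example: create the same "Service principal (manual)" connection from a script.
# Assumes Azure CLI + the azure-devops extension, already authenticated to the organization.
param(
    [Parameter(Mandatory)] [string] $Organization,       # https://dev.azure.com/YOUR-ADO-ORG-NAME
    [Parameter(Mandatory)] [string] $Project,            # YOUR-ADO-PROJECT-NAME
    [Parameter(Mandatory)] [string] $ConnectionName,
    [Parameter(Mandatory)] [guid]   $SubscriptionId,
    [Parameter(Mandatory)] [string] $SubscriptionName,
    [Parameter(Mandatory)] [guid]   $ServicePrincipalId, # client ID of the AAD app registration
    [Parameter(Mandatory)] [guid]   $TenantId
)

# Prompt for the key so it never appears in the script, shell history or process arguments.
$secureKey = Read-Host -Prompt 'Service principal key' -AsSecureString
$plainKey  = [System.Net.NetworkCredential]::new('', $secureKey).Password
if ([string]::IsNullOrWhiteSpace($plainKey)) { throw 'Service principal key is empty.' }

# The CLI reads the key from this environment variable instead of a command-line flag.
$env:AZURE_DEVOPS_EXT_AZURE_RM_SERVICE_PRINCIPAL_KEY = $plainKey
try {
    $json = az devops service-endpoint azurerm create `
        --name $ConnectionName `
        --azure-rm-subscription-id $SubscriptionId `
        --azure-rm-subscription-name $SubscriptionName `
        --azure-rm-service-principal-id $ServicePrincipalId `
        --azure-rm-tenant-id $TenantId `
        --org $Organization --project $Project --output json
    if ($LASTEXITCODE -ne 0) { throw "az devops exited with code $LASTEXITCODE" }
    $endpoint = $json | Out-String | ConvertFrom-Json
    Write-Host "Created service connection '$($endpoint.name)' (id $($endpoint.id))"
}
finally {
    # Remove the key from the session whether or not creation succeeded.
    Remove-Item Env:AZURE_DEVOPS_EXT_AZURE_RM_SERVICE_PRINCIPAL_KEY -ErrorAction SilentlyContinue
    $plainKey = $null
}
```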
Using PowerShell in Azure DevOps
You can use PowerShell in Azure DevOps to set up an Azure Resource Manager service connection. The PowerShell script will prompt you for the Azure Subscription Id and the name of the App Service, then authenticate to your Azure Subscription, and display the values needed to set up the service connection.
The script will also save these values to a file on disk, which you can then plug into the Create New Service Connection dialog. This is a convenient way to automate the setup process.
To use the script, you'll need to run it and follow the prompts. The script will guide you through the process of authenticating to your Azure Subscription and retrieving the necessary values.
The PowerShell Script
The PowerShell Script is a convenient way to set up Azure Resource Manager details for the Azure DevOps Service Connection. It assumes you're trying to deploy to an Azure App Service or an Azure Functions application.
When you run the script, you'll be prompted for the Azure Subscription Id you're referencing and then the name of the App Service. It will then open a browser window for you to authenticate to your Azure Subscription.
Once it has run, the script displays all the values you'll need to set up the service connection in Azure DevOps. Those values will also be saved to a file on disk.
You can plug those values into the Create New Service Connection dialog and you should be good to go.
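A script along the lines described above might look like the following. This is an added example written with the Azure CLI, not the script this section refers to; the output file name and the set of values collected are assumptions.

```powershell
# Added example: collect the values the "New service connection" dialog asks for.
# Assumes the Azure CLI is installed; the output file name is illustrative.
$subscriptionId = Read-Host -Prompt 'Azure Subscription Id'
$appServiceName = Read-Host -Prompt 'App Service name'

$parsed = [guid]::Empty
if (-not [guid]::TryParse($subscriptionId, [ref]$parsed)) {
    throw "'$subscriptionId' is not a valid subscription ID."
}

# Opens a browser window for interactive sign-in, then selects the subscription.
az login --output none
if ($LASTEXITCODE -ne 0) { throw 'az login failed.' }
az account set --subscription $subscriptionId
if ($LASTEXITCODE -ne 0) { throw "Cannot select subscription $subscriptionId." }

$account = az account show --output json | Out-String | ConvertFrom-Json

# Microsoft.Web/sites covers both App Service web apps and Functions apps.
$resourceGroup = az resource list --name $appServiceName `
    --resource-type 'Microsoft.Web/sites' --query '[0].resourceGroup' --output tsv
if (-not $resourceGroup) { throw "App Service '$appServiceName' not found in this subscription." }

$values = [ordered]@{
    SubscriptionId   = $account.id
    SubscriptionName = $account.name
    TenantId         = $account.tenantId
    ResourceGroup    = $resourceGroup
    AppServiceName   = $appServiceName
}
$values.GetEnumerator() | ForEach-Object { Write-Host ("{0,-17}: {1}" -f $_.Key, $_.Value) }

# Only non-secret identifiers are written to disk; the service principal key is not.
$outFile = Join-Path (Get-Location) 'service-connection-values.json'
$values | ConvertTo-Json | Set-Content -Path $outFile -Encoding UTF8
Write-Host "Saved to $outFile"
```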
Example
Using PowerShell in Azure DevOps can be a powerful combination, and I'm excited to share some practical examples with you.
You can write succinct pipelines that make the most of PowerShell in Azure DevOps. One way to do this is by using the AzureCLI task to output credentials into environment variables.
To achieve this, you'll first need to create a task that outputs the credentials into environment variables. I've found that using AzureCLI is a great way to do this.
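With its addSpnToEnvironment input enabled, the AzureCLI task exposes the service connection's service principal ID, key and tenant ID to its script as environment variables, and the script can publish them as pipeline variables for subsequent tasks.
Here's an example of how you can use the AzureCLI task to output credentials into pipeline variables:
```yaml
steps:
- task: AzureCLI@2
  displayName: 'Azure CLI'
  inputs:
    azureSubscription: 'your_subscription'
    scriptType: 'pscore'
    scriptLocation: 'inlineScript'
    addSpnToEnvironment: true  # exposes servicePrincipalId, servicePrincipalKey and tenantId to the script
    inlineScript: |
      $subscriptionId = az account show --query id --output tsv
      Write-Host "##vso[task.setvariable variable=ARM_SUBSCRIPTION_ID]$subscriptionId"
      Write-Host "##vso[task.setvariable variable=ARM_CLIENT_ID]$env:servicePrincipalId"
      Write-Host "##vso[task.setvariable variable=ARM_CLIENT_SECRET;issecret=true]$env:servicePrincipalKey"
      Write-Host "##vso[task.setvariable variable=ARM_TENANT_ID]$env:tenantId"
```
This publishes the credentials as pipeline variables, with the key flagged as a secret so that it is masked in the logs. They can then be used in a subsequent PowerShell task.
You can then use these new variables in a PowerShell task to set environment variables for Terraform to use for authentication.
For example, you can use the following PowerShell task to set environment variables for Terraform:
```yaml
steps:
- task: PowerShell@2
  displayName: 'PowerShell'
  inputs:
    targetType: 'inline'
    script: |
      $env:ARM_SUBSCRIPTION_ID = "$(ARM_SUBSCRIPTION_ID)"
      $env:ARM_CLIENT_ID = "$(ARM_CLIENT_ID)"
      $env:ARM_TENANT_ID = "$(ARM_TENANT_ID)"
      # ARM_CLIENT_SECRET is a secret variable, so it is mapped in through env below
  env:
    ARM_CLIENT_SECRET: $(ARM_CLIENT_SECRET)
```
This will set the environment variables for Terraform to use for authentication. Values assigned through $env: last only for that step, so run the Terraform commands in the same script.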
You can also use the service connection to get authorized to different services/resources, and pass the required tokens to scripts that can't use the service connection directly.
For example, you can use the following YAML to consume the AWS service connection in your task:
```yaml
steps:
- task: AWSShellScript@1
  displayName: 'AWS Shell Script'
  inputs:
    awsCredentials: 'your_aws_connection'
    regionName: 'your_aws_region'
    scriptType: 'inline'
    inlineScript: |
      aws sts get-caller-identity
```
This will consume the AWS service connection and pass the required tokens to the script.
I hope these examples give you a better idea of how to use PowerShell in Azure DevOps to achieve your goals!