Site icon Sibeesh Passion

Azure DevOps Service Connection with Multiple Azure Resource Group

SibeeshVenu

Service Connection with Multiple Azure Resource Group

As you know that we can easily achieve a lot of automation by combining Azure DevOps and Azure Services. I have an Azure Pipeline that will build my application, publish my packages/artefacts generated to an Azure Web App Service and then publish the content to a CDN as well. I am sure that you might have done this several times, and we use the Azure DevOps service connection to connect to the Azure Services. While we add the Service Connection there is an option to select the Azure Resource Manager using service principal(automatic), and then we set the subscription and the resource group.

Azure Resource Manager using service principal(automatic)

This will create a new Azure AD App Registration on your Azure AD and then a new service principal will be created to connect the Azure Resource group you have mentioned. By default, this will work with only one resource group as there is no UI to select multiple resource groups. But, I wanted to use the same service connection to connect to multiple resource groups, so that I can use the same service connection in a pipeline to connect to those resources when it is necessary by using the "azureSubscription"option in the pipeline tasks. I was getting the preceding error when I try with the existing service connection. 

1. Starting: Publish app to installer website 
============================================================================== 
Task : Azure App Service deploy 
Description : Deploy to Azure App Service a web, mobile, or API app using Docker, Java, .NET, .NET Core, Node.js, PHP, Python, or Ruby 
Version : 3.184.1 
Author : Microsoft Corporation 
Help : https://aka.ms/azureappservicetroubleshooting 
============================================================================== 
Got connection details for Azure App Service:'weu-aps01' 
##[error]Error: Resource 'weu-aps01' doesn't exist. Resource should exist before deployment. 
Finishing: Publish app to installer website

Here in this post, we will see how we can resolve this issue.

Azure AD App Registration and Service Prinicipals

Here are the screenshots of the AD app registered and the service principal created.

AD App Registered on the Azure AD

Now, if you just go to your Azure Resource group and then click on the Access Control, under the role assignments you should be able to see the new service principal for the new AD app with contributor access.

Service Principal Created for the AD App Registration

Azur DevOps Service Connection with Multiple Resource Group

As you might have guessed already, to connect multiple resource groups to the same azure DevOps service connection, all we have to do is to add a new role assignment with the new AD application registration. Get the name of the service principal created, by clicking on the manage Service Principal option in the Service Connection and then copy the value for the Display name from the next page.

Manage Service Principal

Now, go to the resource group that you wish to give access to, click on the Access Control(IAM) and then the +Add button.

Access Control (IAM)

Select the Add role assignment option and then select the role as a contributor in the role grid, press next. From the next screen, select user, group, or service principal as the option for Assign access to. Click on the + Select members, search for our AD Registered app name, the display name and then select the same from the result, click on the select button. Finally, click the Review + assign button.

Select the Service Principal

Testing Azure DevOps Service Connection with Multiple Resource Group

I had a pipeline that connects Azure Resources from different resource groups, so to test this, all I have to do is to run the pipeline, and see whether I am getting the same error I was getting earlier. If you ever get any error saying that, ##[error]Error: Virtual application doesn't exists : resources make sure that you have configured the virtual directory in your Azure Web App, here resources is my virtual application. I know that it is specific to my case, still thought to share this in this post.

Azure Web App Virtual Application

Conclusion

In this post, we learned the preceding things.

About the Author

I am yet another developer who is passionate about writing and video creation. I have written close to 500 blogs on my blog. And I upload videos on my YouTube channels Njan Oru Malayali and Sibeesh Passion. Please feel free to follow me.

Your turn. What do you think?

Thanks a lot for reading. Did I miss anything that you may think is needed in this article? Could you find this post useful? Kindly do not forget to share your feedback.

Kindest Regards

Sibeesh Venu

Exit mobile version