I deploy .net web app via azure pipelines onto IIS on an azure vm via the web deploy task.
To do this I had to initially configure the deployment group by running a script on the azure vm as explained here (see step 5): https://learn.microsoft.com/en-us/azure/devops/pipelines/apps/cd/deploy-webdeploy-iis-deploygroups?view=azure-devops&tabs=net#create-a-deployment-group
The project has completed and now I want to remove the permission of the pipeline to the azure vm. How to remove the permission of azure devops pipeline from an Azure VM?
The project has completed and now I want to remove the permission of the pipeline to the azure vm.
DevOps pipeline uses the account(when you setup agent, default is "nt authority\system") to access the agent.
You can uninstall the deployment group agent to remove the access:
Launch powershell,go to agent folder.
Run .\config.cmd remove to uninstall.
After it's done, it will remove the agent service and also VSTS group user below.
If you specify user not default, you can even directly delete the user from the machine to remove the permission.
Related
I need to create Azure DevOps agent pool using Terraform.
In Terraform I'm using microsoft/azuredevops provider. And resource azuredevops_agent_pool
In conclusion, I have an error Error creating agent pool in Azure DevOps: Access denied. user needs Manage permissions to perform the action. For more information, contact the Azure DevOps Server administrator.
I have Administrator permissions in Azure Devops.
What can I try with this error?
UPD. I can create agent pool from Web UI azuredevops.
I am using authentication with PAT. PAT configured for FULL access.
UPD2. I understood that access on Project Level is other than access on Organization Level. So I have full access on Project Level but terraform is trying to create agent pull on Organization Level.
It's not possible at the moment. I face the same issue.
The issue is still opened since 2020.
https://github.com/Azure/terraform-azurerm-aci-devops-agent/issues/4
As mentioned on the README.md
Before running this module, you need to create an agent pool in your
Azure DevOps organization and a personal access token that it
authorized to manage this agent pool.
So it's not possible to automatically create an agent pool from the official Terraform azure DevOps provider
You might try to find a way through Azure DevOPS REST API:
https://learn.microsoft.com/en-us/rest/api/azure/devops/distributedtask/elasticpools/create?view=azure-devops-rest-7.1
You might also find this GitHub issue comment useful:
https://github.com/microsoft/terraform-provider-azuredevops/issues/204#issuecomment-962504540
Someone has already developed a way to do with Terraform using local-exec combined with azure cli/PowerShell/rest api
I have deployed a managed application into Azure Marketplace. This application is installed with a Managed Resource Group containing multiple resources, including a Linux VM.
I have a DevOps account where I am setting up pipelines to perform automatic upgrades to my application which gets installed in my VM.
I need to find a way where every new VM (created as part of marketplace application install) is automatically configured with my DevOps pipeline.
I thought I could just export an ARM template for the VM which would include the 'Continuous Delivery' configuration, and club it to my mainTemplate.json(marketplace template). But as I checked, Azure doesn't allow that. Can someone advise on how I can achieve this?
Thanks in advance.
My client has got an Azure VM in their tenant, with .NET installed and IIS configured.
I am using Azure Devops build/release pipeline on another tenant. Build pipeline generates an artifact (zip file). Now I want to deploy the zip contents into the IIS.
What do I need to do to make my release pipeline be able to deploy the website into the IIS VM which is on another azure tenant?
Based on your requirement, I suggest that you can create a Deployment Group in Azure VM and then you can use Deployment Group job in Release Pipeline to deploy the zip package to Azure VM IIS.
Here are the steps:
Step1: Create a Deployment Group target in Azure VM. Create a deployment group
Step2: In Release Pipeline, you can use IIS web app manage and IIS web app deploy task to deploy the Zip contents to Azure VM IIS.
For example:
For more detailed steps, you can refer to this doc: Deploy apps to a Windows Virtual Machine
This way will not be limited by tenant.
I have a timer triggered function that I'm looking to deploy in two different regions in an active-passive pattern. In disaster recovery scenario, I want to disable the active instance, then activate the passive instance in such a way that I can also keep record of this activity.
I know this can be done via powershell/Azure CLI, but I think doing this via Azure release pipelines should be better for auditing purposes. Does anyone know if this is doable?
I donot know much about Azure funtions. But there are azure powershell task and azure CLI task that you can use to run the scripts in azure release pipeline, Since it can be done via powershell/Azure CLI.
In order to run the powershell/Azure CLI scripts in azure release pipeline. You need first connect your azure devops to your Microsoft Azure subscription via service connection. Check here to create a service connection in azure devops. This service connection is needed for azureSubscription parameter of azure powershell task/azure cli task
Then you can create a release pipeline and add azure powershell task or azure cli task to run the scripts.
We have an Azure DevOps organization in Azure Devops Service [ Not On-premise ]
Getting sources is taking 30+ minutes, and i'm setting up a AzureDevOps Proxy to cache against dev.azure.com
I get the below error
enter image description here
There is not any Azure DevOps Azure. Assume you are talking about Azure DevOps Service, the cloud version of Azure DevOps Server.
According to your screenshot. Looks like you were trying to add your Azure DevOps Service to your server list.
You are using the wrong url and no need to specify port and path in this case.
The url should be like below:
https://dev.azure.com/[organization-name]