Use Azure DevOps REST API to Delete organizations / accounts? - azure

Is it possible to Delete an organization / account within Azure DevOps using the REST API? You can delete other entities, but the documentation doesn't show a DELETE command for Accounts / Organizations.
Is this something that's possible? Thanks!
https://learn.microsoft.com/en-us/rest/api/azure/devops/account/accounts?view=azure-devops-rest-5.0

If you no longer need your organization in Azure DevOps, you can delete it. If you change your mind within 30 days, you can recover your organization. After 30 days, your organization and data are permanently deleted.
It's not possible to do this through the REST API at present. You have to do this in the web portal.
There are also some limitations on directly calling the REST API to delete an organization. For example, you must first meet the prerequisites:
If your organization uses an Azure subscription to bill purchases, you must first remove billing from your organization in the Azure portal before you can delete your organization in Azure DevOps.
In the resulting dialog box, enter the name of the organization, and select Delete.
For more details, please take a look at this official tutorial: Delete your organization

Related

Azure DevOps API returns incorrect number of members in AAD (Azure Active Directory) group

I'm trying to write a PowerShell script that will generate a .csv of AAD users within an AAD group in my organisation.
I've been using the following Azure DevOps API - Memberships List with direction=down:
GET https://vssps.dev.azure.com/{organization}/_apis/graph/Memberships/{subjectDescriptor}?direction=down&api-version=6.1-preview.1
Link to Azure Devops API Documentation
In order to try and get all the members of an AAD group, but it's not grabbing every member. For example, for one AAD group I can see 20 members within Azure DevOps (and Azure Portal), but the API only grabs 8 members. As far as I can tell, there isn't anything unique about these users. I've also tested it with a few other AAD groups - in each case, it doesn't seem to grab all the users.
Is there a different API call I should be using for this purpose, or is there a specific reason why all users aren't being grabbed? I'm quite new to DevOps, only been working about 3 months, so any help is appreciated and sorry if it's a stupid question.
Thanks!
You could double-check whether all the members in this AAD group:
- Are invited as users in your Azure DevOps organization
- Have accessed this organization at least once.
Since you are using this Azure DevOps Service API, to be considered members they should not only be AAD group members but should also have an Azure DevOps identity.
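
Following the answer above, one way to find which AAD group members the Memberships call cannot return is to join the group's AAD member export to the organization's Azure DevOps identities. This is an added example, not part of the original thread: the function name Compare-GroupMembership, the status labels and all sample data are constructed, and it assumes the three inputs have already been fetched.

```powershell
# Constructed sample data, shaped like the real responses (not real tenant output).
# $memberships: Memberships List with direction=down (the call from the question).
$memberships = @'
{ "value": [
  { "memberDescriptor": "aad.CONSTRUCTED-ALICE" },
  { "memberDescriptor": "aad.CONSTRUCTED-BOB" } ] }
'@ | ConvertFrom-Json
# $adoUsers: Graph Users List (_apis/graph/users); originId is the AAD object id.
$adoUsers = @'
{ "value": [
  { "descriptor": "aad.CONSTRUCTED-ALICE", "origin": "aad",
    "originId": "00000000-0000-0000-0000-000000000001" },
  { "descriptor": "aad.CONSTRUCTED-BOB", "origin": "aad",
    "originId": "00000000-0000-0000-0000-000000000002" } ] }
'@ | ConvertFrom-Json
# $aadMembers: the group's members as exported from Azure AD (constructed).
$aadMembers = @'
ObjectId,UserPrincipalName
00000000-0000-0000-0000-000000000001,alice@example.com
00000000-0000-0000-0000-000000000002,bob@example.com
00000000-0000-0000-0000-000000000003,carol@example.com
'@ | ConvertFrom-Csv

function Compare-GroupMembership {
    param($AadMembers, $AdoUsers, $Memberships)
    # Index Azure DevOps identities by the AAD object id they originate from.
    $byOriginId = @{}
    foreach ($u in $AdoUsers.value) { $byOriginId[$u.originId] = $u }
    # Descriptors the Memberships call actually returned for the group.
    $returned = @($Memberships.value | ForEach-Object { $_.memberDescriptor })
    foreach ($m in $AadMembers) {
        $ado = $byOriginId[$m.ObjectId]
        if (-not $ado) {
            $status = 'NoAzureDevOpsIdentity'   # not invited, or never signed in
        } elseif ($returned -contains $ado.descriptor) {
            $status = 'ReturnedByApi'
        } else {
            $status = 'IdentityNotReturned'     # has an identity; investigate further
        }
        [pscustomobject]@{
            UserPrincipalName = $m.UserPrincipalName
            Descriptor        = $ado.descriptor  # $null when no identity exists
            Status            = $status
        }
    }
}

Compare-GroupMembership $aadMembers $adoUsers $memberships |
    ConvertTo-Csv -NoTypeInformation
```

Rows with the status NoAzureDevOpsIdentity are the members who appear in the Azure portal but not in the API result.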

Azure Lighthouse onboarding customers not in customers list

Days ago I onboarded a customer using Service Principal with an ARM template in our blob storage, then the client went to this URL:
https://portal.azure.com/#create/Microsoft.Template/uri/{Blob Url}, accepted us as their resource manager, and we could make connections and go-to resources but via PowerShell, why it doesn't show to us in our Azure Lighthouse Customers page?
I can work with the resources, make deployments, and such but doesn't show in the list, I want to know if it is because we need to be gold competency or an expert MSP because we don't want to make a public offer in the market, we just want to manage certain customers.
It should be displayed there. No special conditions are required such as the ones you've mentioned. Are you definitely signed in to your own partner/MSP tenant with an account that has delegated access to the customers? Does anything show up under delegations within the Azure Lighthouse section?
If you have access to the customer tenant, does your company show up under Service Providers within Azure Lighthouse on the Azure portal?
Case closed, the Service Principal itself doesn't have the privileges on the service provider's tenant to make your user a reader. So the solution for this was:
Remove the offer in the customer tenant.
Add a new authorization in the ARM template for a user/group with the "Reader" built-in role ID. (In our case, we decided to use an AD group because people in the organization are temporary.)
Upload the new ARM template and re-onboard the client.
After a couple of hours, the client's subscription showed in the subscription list in the section: Directories + subscriptions, checked it, and saw all the resources from the service provider's tenant.
I found a solution for this issue.
The Azure Lighthouse->My customers list on the Azure portal only shows subscriptions activated in the global directories and subscriptions filter.
Please go to the global directories and subscriptions filter (in the portal top navigation) and open the drop downs for directories and for subscriptions and check, if your customer subscription appears here.
If yes, select all entries in both drop downs.
After that go back to Azure Lighthouse->My customers
and check, if the customer subscription appears now.

Connect Azure DevOps to Azure subscription

I have created an Azure DevOps organization for my company and I am trying to link this to our Azure subscription. I have followed the chat bot's instructions:
Sign in to your organization (https://dev.azure.com/{yourorganization}).
Select Organization settings.
Select Billing.
Select Set up billing.
Select your Azure subscription, and then select Save.
Billing is now setup
However, no subscription information is coming up.
Note:
(1) I am using the same Microsoft account that I do for the Azure portal
(2) When I log into the portal with these credentials, I can find the DevOps organisation under 'my organisations'
(3) I have 'owner' status on the subscription
(4) When I set up a pipeline via Visual Studio, both DevOps organisation and Azure subscription were picked up.
Could anyone tell me what is going wrong and how to fix it?
I was having the same issue and stumbled upon a solution. Posting it here in case someone else finds this post as I did via Google.
Go to https://app.vsaex.visualstudio.com/
Check to see which account your organization is on - see link below
The organization I had set up was associated with my Microsoft account. I created a new organization in the Default Directory and it found the subscription in Billing.
I'm a student so it was no problem for me to start over with a new organization. I don't know how one would transfer an existing org to the correct account if needed.

Is it possible to merge two DevOps accounts?

I wish to move from my Microsoft personal DevOps account to my O365 account tenant, where I run Azure, too.
Is it possible to maintain the benefits, too?
What you can do is transfer Azure DevOps to a new Azure account:
Add an AAD member which is a Microsoft account to your Azure DevOps organization.
Add this AAD member to the Project Collection Administrators group.
Log into the Azure portal and connect the organization to AAD.
Then you can log in to your Azure DevOps organization with the AAD member.
As for merging two Azure DevOps accounts, there is no such feature at the moment.
A related user voice here:
make it possible to move a Team Project between Team Project Collections
https://developercommunity.visualstudio.com/content/idea/365365/make-it-possible-to-move-a-team-project-between-te-1.html
Any other 3rd-party extension or tool will not keep history info. I suggest you use the two organizations separately to keep history, or manually merge them without history.

Using organizational AD for multiple Azure subscriptions

We have two Azure subscriptions and an Office 365 subscription for our company.
In "Subscription #1", we have a VNET and a bunch of VMs. We have our "organizational AD" in this VNET. We also set our Office 365 subscription to use our organizational AD that is in this Subscription #1.
We then have a second Azure subscription (Subscription #2) in which we have WebApp's, databases and Visual Studio Team Services (VSTS - formerly Visual Studio Online) repositories. We set up our VSTS to use the directory service -- WAAD -- associated with this second subscription.
My question is: can we set it so that this second Azure subscription uses our organizational AD to manage user access? Our primary goal here is to have "single sign-on" in this second Azure subscription. For example, we want our developers to be able to use their organization AD accounts to access the VSTS repositories.
P.S. We do prefer keeping these two Azure subscriptions separate but still have single sign-on.
In short, yes you can. The easiest way to do this is by putting in a support ticket with Azure and asking them to perform this task for you. You should be able to put a ticket in with billing support to avoid costs.
The other way to do this involves having the Service Administrator of the 2nd Azure subscription be a Global Admin on the Azure Active Directory in question. You can then follow the steps found in this link.
