I'm not able to configure the VSTS Account for ADF v2. The login I use to access azure portal and azure data factory v2, do have access to VSTS git repositories. But they are not getting listed in the dropdown. Should I configure something or am I missing something?
Do the VSTS account and azure active directory account to author ADF v2 - be the same?
Even if they are same why am I not seeing the associated git repositories to configure?
I referred here but couldn't solve https://learn.microsoft.com/en-us/azure/data-factory/author-visually#authoring-with-vsts-git-integration
Related
I am not able to connect Azure Devops with ADF. i am getting an error as mentioned in screenshot
there is no repository coming when i clicked on select repo.
Make sure your Azure DevOps account is connected to your Azure AD tenant where the user from which you’re accessing ADF. By default, the Azure DevOps account gets created in Microsoft Tenant, Switch your Azure DevOps tenant to your Azure AD default directory and add the user account to that organization.
Log in to your Azure DevOps organization > right side > Click on your profile > My profile> Switch your Directory from Microsoft account to Default directory like below:-
Now, Create one organization and Project to import your Data-Factory repository. In the same Azure DevOps organization check if it’s connected to your Azure AD directory successfully like below:-
Now, connect to Azure DevOps git repo with Azure Data factory like below:-
Azure Data factory got connected to the git repository successfully like below:-
Connecting with azure devops repository link [Use repository link]
Got connected to the repository successfully like below:-
In your Azure DevOps organization make sure the user with whom you’re connecting git in ADF has required roles assigned on the repositories.
Set Git repository permissions - Azure Repos | Microsoft Learn
Does anyone know how to grant permissions on Azure DevOps to an MSP01(secondary) account or by using PAT token?
I need to integrate Azure data factory with GIT repo. But in Azure DevOps we use our company domain account and if I add the MSP01 account directly they are managed as "external" accounts and they will have restricted access to the project.
So is there a way to connect to azure DevOps from azure data factory using PAT token??
So is there a way to connect to azure DevOps from azure data factory using PAT token?
I am afraid there is no such a way to connect to azure DevOps from azure data factory using PAT token at this moment.
To resolve this issue, you could try to add those "external" users as guest in AAD to get access to the Azure devops.
You could check this similar thread and the document for some details.
Hope this helps.
I am facing an issue on Azure Data Factory when I try to access the Azure DevOps Git Repository that I configured. The error message is: "Invalid GIT configuration. You need to gain access to the repository before you can publish any changes. Details: Authentication error - you do not have access to the provided Azure DevOps account."
I am using the same account on both DevOps and Data Factory. My Azure portal access is "Contributor" at the subscription level and my DevOps role is Project Administrator on the project.
Regards,
Tania
I've tried various combinations of creating the repository as new from Data Factory as well as using an existing one created (by myself) in Azure DevOps.
From https://learn.microsoft.com/en-us/azure/role-based-access-control/built-in-roles in the Open Feedback items a user mentions that "the Build-in role Data Factory Contributor this is not in Allow part:
Action:Microsoft.DataFactory/locations/configureFactoryRepo/action"
I investigated the the contributor role and it appears to have the Action allowed as "Read" ?
ADF Repo Settings
ADF Repo Error
After the detailed message shared from #taniaw, this issue caused by the account confused.
Here has 2 accounts, A#abc.com, and A#efg.com.
When login to azure portal with A#abc.com, and configure the Azure Devops Git. It's all correct. Now, the issue is when go Azure Devops Git tab after the repos configured successfully, its access account used in the backend changed into A#efg.com. But this account does not has permission to access the organization and repos. That's why when click the Azure Devops Git tab, it is grey and receiving the error message "You do not access to the repository".
These detailed message can all be viewed by Fiddler. Everyone can use fiddler trace to know the exactly error caused then analyze it.
At last, the solution is this is the account mapping confused issue which need Azure Account Team support.
Verify the User configuration at Organization level:
The default is "Stakeholder" - it should be "Basic" actually.
Hope it is useful.
This issue was resolved today. The cause was a different Azure DevOps tenant where my account had been added as a guest had used an email account instead of my Azure AD account and this caused the confusion when passing credentials from Azure Data Factory to Azure DevOps. The issue was resolved by leaving the organization that had my user mis-configured as I'm no longer actively working on that project. A better solution may have been to have their Azure AD administrator update my guest account to the correct details.
Anyone know if it's possible to upload custom policies via an Azure DevOps task?
The release pipeline might look like this:
Staging Environment - Deploy from Git to IEF, add suffix _staging
Block pipeline for manual testing
Prod Environment - Deploy to IEF
without the staging suffix
It is possible through MS Graph API for Programmatic access to Custom Policies and Keysets.
You can use Graph API requests to create, update and delete custom policies. These are Graph API requests so you can integrate these in your pipeline but you need to manage the access token.
The MS Graph API is indeed the way to go. For a complete solution look here.
Details on integrating with a DevOps pipeline are here.
Reference 1. Check this blogpost on Custom Policies release automation with Azure DevOps
Reference 2. this extension is available in Azure DevOps marketplace, do the work somewhat similar
Reference 3. Here is Documentation from Azure, Deploy custom policies with Azure Pipelines
I created the ARM templates for Azure Web App, Azure SQL Database, Key vault and Azure Storage. And deployed these ARM templates in to azure using Azure DevOps process CI and CD.
But I want to enforce policies as part of the development process. I know Microsoft released the feature of Azure Policy integration with Azure DevOps is now available. But I don’t know how to integrate policies with Azure DevOps.
Can anyone suggest me or provide any useful documentation?
After creating and assigning policies, they are automatically evaluated on every template deployment. If there is an attempt to deploy a template that violates a policy with a deny effect, you can see this in Azure DevOps:
Edit: How to use steps for creating and assigning policies and finding the output can be found on the docs: https://learn.microsoft.com/en-us/azure/devops/pipelines/release/azure-policy?view=azure-devops. Also, you can now evaluate Azure Policies via an Release Gate. See: https://learn.microsoft.com/en-us/azure/devops/pipelines/tasks/deploy/azure-policy-check-gate?view=azure-devops
Azure Pipelines has Policy gates that can also be used to check if the underlying resources/resource group/subscription is compliant before proceeding.
You can find details here.