Hi Bradley,
This is really useful.
I only have the one securestring (the default) as everything is in a key vault. The deployment is failing on the keyvault with a 403 forbidden. I have assigned the contributor role to the DevOps account I am using against both dev and prod key vaults but no joy. Any suggestions on what I am doing wrong?
2022-11-14T15:40:06.1434878Z ##[debug]{"subscriptionID":"[REMOVED]","subscriptionName":"Microsoft Azure Enterprise","servicePrincipalClientID":"***","environmentAuthorityUrl":"https://login.windows.net/","tenantID":"[REMOVED]","url":"https://management.azure.com/","environment":"AzureCloud","scheme":"ServicePrincipal","activeDirectoryResourceID":"https://management.azure.com/","azureKeyVaultServiceEndpointResourceId":"https://vault.azure.net","azureKeyVaultDnsSuffix":"vault.azure.net","scopeLevel":"Subscription","authenticationType":"spnKey","servicePrincipalKey":***,"isADFSEnabled":false,"applicationTokenCredentials":{"clientId":"***","domain":"[REMOVED]","baseUrl":"https://management.azure.com/","authorityUrl":"https://login.windows.net/","activeDirectoryResourceId":"https://management.azure.com/","isAzureStackEnvironment":false,"authType":"spnKey","secret":***,"isADFSEnabled":false}}
2022-11-14T15:40:06.1437097Z ##[debug][POST]https://login.windows.net/[REMOVED]/oauth2/token/
2022-11-14T15:40:06.6396150Z For Artifact: Az_Kv_SSSC: ArtifactDeploymentTask status: 403; status message: Forbidden
Microsoft