Blog Post

Healthcare and Life Sciences Blog
4 MIN READ

Deploying .dapacs to Azure SQL via Azure DevOps Pipelines

j_folberth's avatar
j_folberth
Icon for Microsoft rankMicrosoft
Sep 09, 2024
  Introduction This post is part of the SQL Database series that I am compiling. This specific topic assumes that you have already built a .dacpac file via Azure DevOps YAML Pipeline and a...
Updated Sep 09, 2024
Version 1.0
sql
SQL Database Series
YAML
YAML Pipelines
ErikEjlskovJensen's avatar
ErikEjlskovJensen
MVP
Sep 30, 2024

Would love to see your process for giving an App Service identity access to the database

j_folberth's avatar
j_folberth
Icon for Microsoft rankMicrosoft
Jan 21, 2025

So I actually have two depending on how one wants to implement. The first would be to include the app service as part of the security script. This would tie the MSI auth to part of the database deployment process Deploying .dacpacs to Multiple Environments via ADO Pipelines | Microsoft Community Hub

Alternatively, one can have the ADO service connection be a member of the Entra AD admin and then execute an inline sql script to add the app service MSI as a user. This would tie the auth to the app service deployment. i.e. run this after the app service has been deployed. Both are acceptable, I would probably fall back to how much security will be configured, organizational preference, and lifecycle of the database vs the application.