Forum Discussion
Service Connection with user-assigned Managed Identity and Azure App Service failing to deploy
Hi guys
So i wanted to try to work with managed identities in Azure DevOps instead of the service principal on my service connection (Azure Resource Manager) to Azure.
However i am struggling to understand where i can specifiy the user assigned managed identity that i created on the Azure side for this purpose.
Using this new service connection for my Deployment Pipeline i keep getting this message:
##[error]Error: Failed to fetch App Service 'my app Service' publishing credentials. Error: Could not fetch access token for Azure. Status code: 400, status message: Could not fetch access token for Managed Service Principal. Status code: 400, status message: Bad Request
Is this setup even supported? i gave this newly created managed identity owner permissions on the whole subscription....
Thanks for any help!
- Seems like Managed Identities only work if you use your own VM as an agent in the pipeline:
https://developercommunity.visualstudio.com/t/are-there-any-microsoft-hosted-agents-with-msi-man/1110711
- LephasBrass Contributor
i have read this and many other articles many times - but it doesn't provide clarity to my question. (or i am too stupid to understand)
I have been trying to find a solution for 1 day without any luck. I read on some places that the managed identity has to be configured on the agent that runs the pipeline but what if the agents are hosted by microsoft?- LephasBrass ContributorSeems like Managed Identities only work if you use your own VM as an agent in the pipeline:
https://developercommunity.visualstudio.com/t/are-there-any-microsoft-hosted-agents-with-msi-man/1110711