Service principal needs JIT access for running Azure DevOps pipeline through PIM


How to enable service principal just-in-time access (PIM)?

Need to run the Azure DevOps YAML pipeline with the help of a service principal using just-in-time access (PIM).

3 Replies

Hi @Coolhost,

To enable service principal just-in-time access (PIM) for running Azure DevOps Pipeline through PIM, follow these steps:

  1. Create a security group in Azure Active Directory (Azure AD) and add the service principal to the group.
  2. Enable PIM for the security group.
  3. Assign the service principal to the appropriate Azure DevOps role in the pipeline.
  4. Configure PIM for the Azure DevOps role.

To run the Azure DevOps YAML pipeline with the help of a service principal using just-in-time access (PIM), follow these steps:

  1. Create a pipeline in Azure DevOps and add the service principal as a member of the pipeline.
  2. Configure the pipeline to run using the service principal.
  3. When the pipeline needs to be run, the service principal will need to request activation of the Azure DevOps role.
  4. Once the activation is approved, the service principal will be able to run the pipeline.


Please click Mark as Best Response & Like if my post helped you to solve your issue.
This will help others to find the correct solution easily. It also closes the item.


If the post was useful in other ways, please consider giving it a Like.


Kindest regards,


Leon Pavesic
(LinkedIn)
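
Added example, not part of the reply above or of any Microsoft tooling: just-in-time access only constrains a pipeline if its service principal holds no standing role assignment, either directly or through a group. The Python below classifies role assignments for a service principal and its group as standing, JIT-active or inactive; the record shape, IDs, scopes and the 8-hour window are assumptions constructed for this example.

```python
from datetime import datetime, timedelta, timezone

# Constructed sample data. The record shape (principalId, roleDefinitionName,
# scope, startDateTime, endDateTime) is an assumption for this example; map
# your own role-assignment export onto it. All IDs and scopes are placeholders.
SP_ID = "00000000-0000-0000-0000-0000000000a1"     # service principal
GROUP_ID = "00000000-0000-0000-0000-0000000000b2"  # PIM-enabled group
OTHER_ID = "00000000-0000-0000-0000-0000000000c3"  # unrelated principal
SAMPLE = [
    {"principalId": SP_ID, "roleDefinitionName": "Contributor",
     "scope": "/subscriptions/sub-placeholder",
     "startDateTime": "2024-01-01T00:00:00+00:00", "endDateTime": None},
    {"principalId": GROUP_ID, "roleDefinitionName": "Contributor",
     "scope": "/subscriptions/sub-placeholder/resourceGroups/rg-placeholder",
     "startDateTime": "2024-05-01T09:00:00+00:00",
     "endDateTime": "2024-05-01T11:00:00+00:00"},
    {"principalId": OTHER_ID, "roleDefinitionName": "Reader",
     "scope": "/subscriptions/sub-placeholder",
     "startDateTime": "2024-01-01T00:00:00+00:00", "endDateTime": None},
]

def classify(record, now, max_window=timedelta(hours=8)):
    """Return 'standing', 'jit-active' or 'inactive' for one assignment."""
    start = datetime.fromisoformat(record["startDateTime"])
    if record["endDateTime"] is None:
        # No expiry: access exists whether or not anything was activated.
        return "standing" if start <= now else "inactive"
    end = datetime.fromisoformat(record["endDateTime"])
    if not (start <= now < end):
        return "inactive"
    # Time-bound but far longer than a JIT window is effectively standing.
    return "jit-active" if end - start <= max_window else "standing"

def audit(records, principals, now):
    """Group the assignments held by `principals` by classification."""
    report = {"standing": [], "jit-active": [], "inactive": []}
    for r in records:
        if r["principalId"] in principals:
            report[classify(r, now)].append((r["roleDefinitionName"], r["scope"]))
    return report

if __name__ == "__main__":
    now = datetime(2024, 5, 1, 12, 0, tzinfo=timezone.utc)  # after the JIT window
    for kind, items in audit(SAMPLE, {SP_ID, GROUP_ID}, now).items():
        print(kind, items)
```

Any entry reported as `standing` lets the pipeline deploy regardless of activation state and has to be removed before JIT has an effect.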

Hi @Leon,
Can you share the step-by-step procedure to achieve it?

Hi @Leon,
Thanks for helping.
I went through your solution and completed the steps. Still, my pipeline is running and creating the resource even when PIM is deactivated. Please help me with a detailed step-by-step procedure to achieve it.