cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 

Service principle needs JIT access for running AzureDevOps Pipeline through PIM

Coolhost
Copper Contributor

‎Oct 17 2023 09:39 PM - last edited on ‎Mar 05 2024 04:56 PM by

‎Oct 17 2023 09:39 PM - last edited on ‎Mar 05 2024 04:56 PM by

Service principle needs JIT access for running AzureDevOps Pipeline through PIM

How to enable service principle just in time access (PIM).

Need to run the Azure Devops yaml pipeline with the help of service principle using just in time access (PIM).

Labels:
1,166 Views
0 Likes
3 Replies
Reply
3 Replies
LeonPavesic

‎Oct 19 2023 02:04 AM

‎Oct 19 2023 02:04 AM

Re: Service principle needs JIT access for running AzureDevOps Pipeline through PIM

Hi @Coolhost,

To enable service principal just-in-time access (PIM) for running Azure DevOps Pipeline through PIM, follow these steps:

  1. Create a security group in Azure Active Directory (Azure AD) and add the service principal to the group.
  2. Enable PIM for the security group.
  3. Assign the service principal to the appropriate Azure DevOps role in the pipeline.
  4. Configure PIM for the Azure DevOps role.

To run the Azure DevOps YAML pipeline with the help of service principle using just-in-time access (PIM), follow these steps:

  1. Create a pipeline in Azure DevOps and add the service principal as a member of the pipeline.
  2. Configure the pipeline to run using the service principal.
  3. When the pipeline needs to be run, the service principal will need to request activation of the Azure DevOps role.
  4. Once the activation is approved, the service principal will be able to run the pipeline.


Please click Mark as Best Response & Like if my post helped you to solve your issue.
This will help others to find the correct solution easily. It also closes the item.


If the post was useful in other ways, please consider giving it Like.


Kindest regards,


Leon Pavesic
(LinkedIn)

0 Likes
Reply
Coolhost

‎Oct 19 2023 09:15 PM

‎Oct 19 2023 09:15 PM

Re: Service principle needs JIT access for running AzureDevOps Pipeline through PIM

Hi @Leon,
can you share the step by step procedure to achieve it ?
0 Likes
Reply
Coolhost

‎Oct 20 2023 01:04 AM

‎Oct 20 2023 01:04 AM

Re: Service principle needs JIT access for running AzureDevOps Pipeline through PIM

Hi @Leon,
Thanks for helping.
i gone through your solution and followed the steps completed, Still my pipeline is running and creating the resource even PIM is deactivated. please help me with detailed step by step procedure to achieve it. .
0 Likes
Reply