Integration between Azure DevOps and Azure Cloud

Joao Pedro Alves 60 Reputation points
2023-12-07T11:48:31.59+00:00

I'm working with Azure DevOps and Azure Cloud, both are in different tenants. I'm trying to deploy an Azure Function using DevOps pipelines, but when attempting the first deployment, I received a 403 - Forbidden error from the Function App. To make it work, I had to make the Function App public. However, I would like to know how to achieve this integration without having to make the Function App public, so that DevOps can deploy without issues.

Azure Functions
Azure Functions
An Azure service that provides an event-driven serverless compute platform.
5,408 questions
{count} votes

Accepted answer
  1. Amira Bedhiafi 28,536 Reputation points
    2023-12-09T17:07:31.8233333+00:00

    You should create a Service Principal in Azure Active Directory (AAD) within the tenant where the Azure Function is hosted. This Service Principal acts as an identity for applications, allowing secure access without exposing user credentials.

    Assign the necessary roles and permissions to this Service Principal. For deploying Azure Functions, it might need Contributor or similar roles on the Function App resource.

    In Azure DevOps, create a new Service Connection using the Service Principal. This connects your Azure DevOps project to your Azure subscription and allows Azure DevOps to deploy resources to Azure.

    Modify your pipeline YAML or release definition in Azure DevOps to use the newly created Service Connection. This ensures that the pipeline has the correct permissions to deploy the Azure Function.

    Here is an old thread that may help you : https://learn.microsoft.com/en-us/answers/questions/1043418/https-403-error-from-azure-function

    0 comments No comments

0 additional answers

Sort by: Most helpful

Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.