This browser is no longer supported.
Upgrade to Microsoft Edge to take advantage of the latest features, security updates, and technical support.
I want to run queries against Azure Sql Database from an Azure DevOps Azure PowerShell task without having to take a trip to Key Vault to get credentials. I am wondering if it's possible to connect in the same way that ADF does using a System Managed Identity?
I've added my AAD credential as an Admin on the Azure Sql Server.
I'm hoping I can do the following:
Obtain the AD user account (managed identity) for Azure DevOps - how do I know which identity to use?
Then I hope I can just run:
CREATE USER [{AZURE_DEVOPS_MANAGED_IDENTITY}] FROM EXTERNAL PROVIDER;
ALTER ROLE db_datareader ADD MEMBER [{AZURE_DEVOPS_MANAGED_IDENTITY}];
Is this possible?
I have already created a Service Connection in the Azure DevOps project for the subscription where the Azure Sql Database resides in and tried to connect with this code in the Azure PowerShell task:
Import-Module SqlServer
$connString = 'Integrated Security=False;Encrypt=True;Connection Timeout=30;Data Source=marktestsrvr.database.windows.net;Initial Catalog=test-db;'
Invoke-Sqlcmd -ConnectionString $connString -Query "select count(*) as [NumRows] from staging.TestTable"
When I run that task I get this error:
Login failed for user ''.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(25.6, 10%, 12%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EKM%3C/text%3E%3C/svg%3E)
@Mark Allison Welcome to Microsoft Q&A Forums.
You will need to acquire and pass the AccessToken as a parameter.
Please check this article for more details.
----------
If an answer is helpful, please "Accept answer" or "Up-Vote" which might help other community members reading this thread.