azure-cli-extensions
azure-cli-extensions copied to clipboard
Azure
Unclear what I can achieve with 'az devops service-endpoint update'
I'm looking for a way to update the service principal password my existing service connection to Azure RM.
I thought az devops service-endpoint update could perhaps help me out, but I don't see how.
Is the only thing you can do with az devops service-endpoint update is toggle enable-for-all ? Is it not possible to update the --service-endpoint-configuration property ( in the create command ) ? I have a hard time believing that so is something missing from the documentation or am I misunderstanding something?
So would it be possible to do az devops service-endpoint update --service-endpoint-configuration "json-stuff-here"] ?
Or - perhaps even nicer: az devops service-endpoint update --set authorization.parameters.password=password123 like you can do with az network firewall update for instance.
Document Details
⚠ Do not edit this section. It is required for docs.microsoft.com ➟ GitHub issue linking.
- ID: 6ecb62a2-f74c-a539-d3a8-c8fde7c2de06
- Version Independent ID: 5760936e-90a1-4129-6f6f-6dd4194bb73c
- Content: az devops service-endpoint
- Content Source: latest/docs-ref-autogen/ext/azure-devops/devops/service-endpoint.yml
- GitHub Login: @rloutlaw
- Microsoft Alias: routlaw
Thanks for the feedback! We are routing this to the appropriate team for follow-up. cc @narula0781, @ashishonce, @romil07.
Issue meta data
| Issue content: | I'm looking for a way to update the service principal password my existing service connection to Azure RM.
I thought `az devops service-endpoint update` could perhaps help me out, but I don't see how.
Is the only thing you can do with So would it be possible to do Document Details⚠ Do not edit this section. It is required for docs.microsoft.com ➟ GitHub issue linking.
|
| Issue author: | jochenvw |
| Assignees: | - |
| Milestone: | - |
ask on how to change Devops service connection credential. route to appropriate team.
I also have the same issue. For example, I need to update a service connection for a GKE Kubernetes cluster. At the moment, it seems I must delete and recreate to do that, which invalidates my release pipeline. The documentation also leaves much to be desired, unfortunately.
I also have the same issue. I need to update the apitoken of the authorization via az devops service-endpoint update command, but there is no way to pass the args according to the official docs. Could the docs been updated?
Hello,
It will be really nice to use AzCli to update service connection config such as certificate or password without having to delete/create (so we are not breaking any release pipeline :-) ) Any update on this issue ?
Simon
Hello,
If anyone is interested, I'm updating ado service connection certificate by directly PUT new certificate in serviceendpoint API, here is an extract :
Write-Host "Updating service connection [$global:azserviceconnection] ..."
$uri = "$organization/$azProjectName/_apis/serviceendpoint/endpoints?endpointIds=$($serviceConnectionId)&api-version=6.0-preview.4"
$method = "GET"
$AzureDevOpsAuthenticationHeader = @{Authorization = 'Basic ' + [Convert]::ToBase64String([Text.Encoding]::ASCII.GetBytes(":$($SpnToken)")) }
$serviceco = Invoke-RestMethod -Method $method -Uri $uri -Headers $AzureDevOpsAuthenticationHeader -ErrorAction 'Stop'
if ($serviceco.count -eq 1) {
$method = "PUT"
$uri = "$organization/_apis/serviceendpoint/endpoints/$($serviceConnectionId)?api-version=6.1-preview.4"
$contentype = "application/json"
$body = ($serviceco.value)
if ($body.authorization.parameters.authenticationType -ne 'spnCertificate') {
$body.authorization.parameters.authenticationType = 'spnCertificate'
}
$body.authorization.parameters | Add-Member -MemberType NoteProperty -Name 'servicePrincipalCertificate' -Value ($(Get-Content -Path $certificate.ServiceConnectionCertPath -Raw -ErrorAction 'Stop')) -ErrorAction 'Stop'
$servicecoUpdate = Invoke-RestMethod -Method $method -Uri $uri -Headers $AzureDevOpsAuthenticationHeader -Body ($body | ConvertTo-Json -Depth 4) -ContentType $contentype -ErrorAction 'Stop'
if ([string]::IsNullOrEmpty($servicecoUpdate)) {
throw "There is an issue when updating Service Connection [$global:azserviceconnection] in projet [$azProjectName]"
} else {
Write-Host "Service Connection [$global:azserviceconnection] in project [$azProjectName] has been updated with success"
}
}
Its working well, without breaking service connection id ;)
BR,
Simon
@narula0781, @ashishonce, @romil07
I'm not familiar with GitHub etiquette so forgive me. Are there any examples of this command working at all?
Is there any activity or resolution on this issue or are we misunderstanding the point of the update command? I'd like to avoid having to curl and strictly use the azure devops cli extension for all operations.
Any update in 2024? Facing same issue but it seems, that nobody taking case. It's more than 3years from initial post, but no reaction. Please can anybody from az cli team comment it at least?
Any update? "Sorry, this is not possible." Can also be an update, but al least we know then.
