Azure Resource Group Deployment task

  • 5 minutes to read

Azure Pipelines

Use this task in a build or release pipeline to deploy, start, stop, and delete Azure Resource Groups.

YAML snippet

# Azure resource group deployment
# Deploy an Azure Resource Manager (ARM) template to a resource group and manage virtual machines
- task: AzureResourceGroupDeployment@2
  inputs:
    azureSubscription: 
    #action: 'Create Or Update Resource Group' # Options: create Or Update Resource Group, select Resource Group, start, stop, stopWithDeallocate, restart, delete, deleteRG
    resourceGroupName: 
    #location: # Required when action == Create Or Update Resource Group
    #templateLocation: 'Linked artifact' # Options: linked Artifact, uRL Of The File
    #csmFileLink: # Required when templateLocation == URL Of The File
    #csmParametersFileLink: # Optional
    #csmFile: # Required when  TemplateLocation == Linked Artifact
    #csmParametersFile: # Optional
    #overrideParameters: # Optional
    #deploymentMode: 'Incremental' # Options: Incremental, Complete, Validation
    #enableDeploymentPrerequisites: 'None' # Optional. Options: none, configureVMwithWinRM, configureVMWithDGAgent
    #teamServicesConnection: # Required when enableDeploymentPrerequisites == ConfigureVMWithDGAgent
    #teamProject: # Required when enableDeploymentPrerequisites == ConfigureVMWithDGAgent
    #deploymentGroupName: # Required when enableDeploymentPrerequisites == ConfigureVMWithDGAgent
    #copyAzureVMTags: true # Optional
    #runAgentServiceAsUser: # Optional
    #userName: # Required when enableDeploymentPrerequisites == ConfigureVMWithDGAgent && RunAgentServiceAsUser == True
    #password: # Optional
    #outputVariable: # Optional
    #deploymentName: # Optional
    #deploymentOutputs: # Optional
    #addSpnToEnvironment: false # Optional

Arguments

ArgumentDescription
Azure subscription(Required) Select the Azure Resource Manager subscription for the deployment.
Action(Required) Action to be performed on the Azure resources or resource group.
Resource group(Required) Provide the name of a resource group.
Location(Required) Location for deploying the resource group. If the resource group already exists in the subscription, then this value will be ignored.
Template location(Required) Select either "Linked artifact" or "URL of the file"

By default, "Linked artifact" is used.
Template link(Required) Specify the URL of the template file. Example: https://raw.githubusercontent.com/Azure/...

To deploy a template stored in a private storage account, retrieve and include the shared access signature (SAS) token in the URL of the template. Example: <blob_storage_url>/template.json?<SAStoken> To upload a template file (or a linked template) to a storage account and generate a SAS token, you could use Azure file copy task or follow the steps using PowerShell or Azure CLI.

To view the template parameters in a grid, click on ... next to Override template parameters text box. This feature requires that CORS rules are enabled at the source. If templates are in Azure storage blob, refer to this to enable CORS.

Template parameters link(Optional) Specify the URL of the parameters file. Example: https://raw.githubusercontent.com/Azure/...

To use a file stored in a private storage account, retrieve and include the shared access signature (SAS) token in the URL of the template. Example: <blob_storage_url>/template.json?<SAStoken> To upload a parameters file to a storage account and generate a SAS token, you could use Azure file copy task or follow the steps using PowerShell or Azure CLI.

To view the template parameters in a grid, click on ... next to Override template parameters text box. This feature requires that CORS rules are enabled at the source. If templates are in Azure storage blob, refer to this to enable CORS.

Template(Required) Specify the path or a pattern pointing to the Azure Resource Manager template. For more information about the templates see https://aka.ms/azuretemplates. To get started immediately use template https://aka.ms/sampletemplate.
Template parameters(Optional) Specify the path or a pattern pointing for the parameters file for the Azure Resource Manager template.
Override template parameters(Optional) To view the template parameters in a grid, click on “…” next to Override Parameters textbox. This feature requires that CORS rules are enabled at the source. If templates are in Azure storage blob, refer to this to enable CORS. Or type the template parameters to override in the textbox. Example,
–storageName fabrikam –adminUsername $(vmusername) -adminPassword $(password) –azureKeyVaultName $(fabrikamFibre).
If the parameter value you're using has multiple words, enclose them in quotes, even if you're passing them using variables. For example, -name "parameter value" -name2 "$(var)"
To override object type parameters use stringified JSON objects. For example, -options ["option1"] -map {"key1": "value1" }.
Deployment mode(Required) Incremental mode handles deployments as incremental updates to the resource group . It leaves unchanged resources that exist in the resource group but are not specified in the template.

Complete mode deletes resources that are not in your template.

Validate mode enables you to find problems with the template before creating actual resources.

By default, Incremental mode is used.

Enable prerequisites(Optional) These options would be applicable only when the Resource group contains virtual machines.

Choosing Deployment Group option would configure Deployment Group agent on each of the virtual machines.

Selecting WinRM option configures Windows Remote Management (WinRM) listener over HTTPS protocol on port 5986, using a self-signed certificate. This configuration is required for performing deployment operation on Azure machines. If the target Virtual Machines are backed by a Load balancer, ensure Inbound NAT rules are configured for target port (5986).
Azure Pipelines/TFS endpoint(Required) Agent registration with a deployment group requires access to your Visual Studio project.?

Click "Add" to create a service connection using a personal access token (PAT) with scope restricted to "Deployment Group" and a default expiration time of 90 days.

?Click "Manage" to update service connection details.?
Project(Required) Specify the project which has the Deployment Group defined in it?
Deployment Group(Required) Specify the Deployment Group against which the Agent(s) will be registered. For more guidance, refer to Deployment Groups
Copy Azure VM tags to agents(Optional) Choose if the tags configured on the Azure VM need to be copied to the corresponding Deployment Group agent.

By default all Azure tags will be copied following the format “Key: Value”. Example: An Azure Tag "Role : Web" would be copied as-is to the Agent machine.

For more information on how tag Azure resources refer to link
VM details for WinRM(Optional) Provide a name for the variable for the resource group. The variable can be used as $(variableName) to refer to the resource group in subsequent tasks like in the PowerShell on Target Machines task for deploying applications.
Valid only when the selected action is Create, Update or Select, and required when an existing resource group is selected.
Deployment outputs(Optional) Provide a name for the variable for the output variable which will contain the outputs section of the current deployment object in string format. You can use the “ConvertFrom-Json” PowerShell cmdlet to parse the JSON object and access the individual output values.
Control options

Open source

This task is open source on GitHub. Feedback and contributions are welcome.