As a Microsoft Azure Engineer, I work with customers every day to help them solve problems they face bringing their business and process to the Microsoft Azure Cloud.
Recently, several of our customers have asked how to connect their Visual Studio Team Services account to their CSP Azure account, so I thought a tutorial was in order. I spoke with Brian Moore at Microsoft, then created the following series of steps.
If you have a regular Pay-As-You-Go subscription, then you have access to the old portal — manage.windowsazure.com — and the process is pretty simple and laid out in this article from Microsoft. But if you’re a CSP, that doesn’t work, and that’s where this guide will come in handy.
First, log in to your Visual Studio Team Services account. As you can see below, I have logged into mine and I have a couple of projects.
Select a project to deploy/integrate with Azure. I selected my “sample” project.
Now, configure the project to connect to VSTS by creating an endpoint. Do this by clicking the link for New Service Endpoint and clicking the Azure Resource Manager item from the dropdown list.
I named my endpoint VSTS-Connection and associated it with a specific subscription by selecting from the dropdown list.
With the endpoint complete, you have the option to:
- change its configuration
- change the name of the SPN
- associate this SPN with a different Azure Subscription you have access to
- manage the endpoint’s role within Azure
- change the level of permissions the SPN has in your subscription
- manage the service principal itself
- view and assign users
- configure if users should be assigned
- update keys
- add Application Access
- disconnect the service principal
The disconnect will delete the service principal from Azure, so in production, this service principal should only ever be used with Visual Studio.
As a side note, the manage service principal link kicks you over to the old portal, so for CSP customers, this could fail. See images below for what to do in that case.
Update service configuration
Your options are to change the connection name and/or change the subscription.
Manage endpoint roles
Here you will be able to adjust or change the roles associated with this Service Principal.
Manage service principal
By default, this connects you over to the old portal. But it also gives you the ability to manipulate the properties of the service principal. There are several options and settings available on this page, that is beyond the scope of what this article is intended. For more information check out this article.
Here is where you can find the same information in the new portal. This is difficult to see, but you just need to go to Azure Active Directory > App Registrations and then choose the Service Principal named VisualStudioSPN.
Finally, to remove the endpoint and service principal, simply choose disconnect, and this will go through and clean everything up.
Click to learn more about how you can use Visual Studio Team Service in your development lifecycle in Azure.