Open yene opened 11 months ago
Azure PowerShell task is the same.
Now that workload identity federation is a thing there is a much bigger use case for service principals with no access to Azure resources, but instead just being used to get tokens for Azure DevOps/Kubernetes/etc.
This issue is stale because it has been open for 180 days with no activity. Remove the stale label or comment on the issue otherwise this will be closed in 5 days
Not stale
Task name
Azure CLI
Task version
2.217.1
Environment type (Please select at least one enviroment where you face this issue)
Azure DevOps Server type
dev.azure.com (formerly visualstudio.com)
Azure DevOps Server Version (if applicable)
No response
Operation system
Ubuntu 20.04
Task log
Relevant log output
Aditional info
Because the task runs
az account set --subscription
it requires read permission on subscription.Why does the task require permission on the subscription? The task does login with
--allow-no-subscriptions
so I am confused.