Closed neilpeterson closed 5 years ago
Hi, I used this one in my Azure Policy task as well. And it works like the following
{
"name": "SubscriptionID",
"type": "string",
"label": "Subscription ID for assignment.",
"defaultValue": "",
"required": true,
"helpMarkDown": "Subscription ID for assignment.",
"properties": {
"EndpointFilterRule": "ScopeLevel == ManagementGroup"
}
}
You can find an example here: https://github.com/RazorSPoint/azure-devops-azure-policy-extension/blob/master/src/AzurePolicy/AzurePolicyV1/task.json#L48
With this only service endpoint of type AzureRM with the scope "Management Group" will then show only those. Which of course makes sense, since this not connected to just one Subscription. It is nowhere documented, but I could find this in the Azure PowerShell task.
@neilpeterson should I add this? My current suggestion would only show Management Group scoped connections. But I can change it so that Both connection types are shown.
@SebastianSchuetze thanks for looking at this. I think I am looking for a solution to a different problem but would love it if you wanted to take a look.
I am using the EndpointFilterRule
to enable management group scoped service connections. This can be seen here and here.
The issue is that a blueprint can only be assigned to a subscription. However, when it is created at a management group, we need the management group id (to get the blueprint id) plus the subscription Id at which we want to assign it.
I've currently implemented like this:
However, if the blueprint has been created at a subscription, we only need the subscription Id. So I would like to grab the Id from service connection and then not show the second subscription input.
I've tried "visibleRule": "ScopeLevel == ManagementGroup"
on the second input, but this does not seem to work.
In any regard, if you've got any suggestions or alternate ways to implement, happy to take them.
Thanks
After talking with Alex, we want to retain the ability to assign to multiple subscriptions with only one service connection, so will want to retain this field.
Closing this issue.
The field is here.
I've tried the following visibility rule, however, it seems visibility is based on values from other inputs.