diff --git a/Instructions/Labs/AZ400_M07_Integrating_Azure_Key_Vault_with_Azure_DevOps.md b/Instructions/Labs/AZ400_M07_Integrating_Azure_Key_Vault_with_Azure_DevOps.md index f12f104b6..7622308e4 100644 --- a/Instructions/Labs/AZ400_M07_Integrating_Azure_Key_Vault_with_Azure_DevOps.md +++ b/Instructions/Labs/AZ400_M07_Integrating_Azure_Key_Vault_with_Azure_DevOps.md @@ -174,8 +174,8 @@ In this task, you will configure the Azure Pipeline to retrieve the secret from 1. On the **Pipelines** pane, click the entry representing the **SmartHotel-CouponManagement-CI** pipeline and, on the **SmartHotel-CouponManagement-CI** pane, click **Run Pipeline**. 1. On the **Run pipeline** pane, accept the default settings and click **Run** to trigger a build. 1. In the vertical navigational pane of the of the Azure DevOps portal, in the **Pipelines** section, select **Releases**. -1. On the **SmartHotel-CouponManagement-CI** pane, click **Edit** in the upper right corner. -1. On the **All pipelines > SmartHotel-CouponManagement-CI** pane, select the **Task** tab and, in the dropdown menu, select **Dev**. +1. On the **SmartHotel-CouponManagement-CD** pane, click **Edit** in the upper right corner. +1. On the **All pipelines > SmartHotel-CouponManagement-CD** pane, select the **Task** tab and, in the dropdown menu, select **Dev**. > **Note**: The release definition for **Dev** stage has an **Azure Key Vault** task. This task downloads *Secrets* from an Azure Key Vault. You will need to point to the subscription and the Azure Key Vault resource created earlier in the lab. @@ -187,15 +187,15 @@ This will open another browser tab displaying the **Service connections** pane i 1. On the **New service connection** pane, select the **Azure Resource Manager** option, click **Next**, select **Service Principal (manual)**, and click **Next** again. 1. On the **New service connection** pane, specify the following settings, using the information you copied to a text file in the first task of this exercise following creation of the service principal by using Azure CLI: -- Subscription Id: the value you obtained by running `az account show --query id --output tsv` -- Subscription Name: the value you obtained by running a`z account show --query name --output tsv` -- Service Principal Id: the value labeled **appId** in the output generated by running `az ad sp create-for-rbac --name ` -- Service Principal key: the value labeled **password** in the output generated by running `az ad sp create-for-rbac --name ` -- TenantId: the value labeled **tenant** in the output generated by running `az ad sp create-for-rbac --name ` + - Subscription Id: the value you obtained by running `az account show --query id --output tsv` + - Subscription Name: the value you obtained by running a`z account show --query name --output tsv` + - Service Principal Id: the value labeled **appId** in the output generated by running `az ad sp create-for-rbac --name ` + - Service Principal key: the value labeled **password** in the output generated by running `az ad sp create-for-rbac --name ` + - TenantId: the value labeled **tenant** in the output generated by running `az ad sp create-for-rbac --name ` 1. On the **New service connection** pane, click **Verify** to determine whether the information you provided is valid. 1. Once you receive the **Verification Succeeded** response, in the **Service connection name** textbox, type **kv-service-connection** and click **Verify and Save**. -1. Switch back to the web browser tab displaying the **Azure Key Vault** task. +1. Switch back to the web browser tab displaying the pipeline definition and the **Azure Key Vault** task. 1. With the **Azure Key Vault** task selected, on the **Azure Key Vault** pane, click the **Refresh** button, in the **Azure subscription** dropdown list, select the **kv-service-connection** entry, in the **Key vault** dropdown list, select the entry representing the Azure Key vault you created in the first task, and, in the **Secrets filter** textbox, type **sqldbpassword**. Finally, expand the **Output Variables** section and, in the **Reference name** textbox, type **sqldbpassword**. > **Note**: At runtime, Azure Pipelines will fetch the latest value of the secret and set it as the task variable **$(sqldbpassword)**. The tasks can consumed by the subsequent tasks by referencing that variable. @@ -208,7 +208,9 @@ This will open another browser tab displaying the **Service connections** pane i > **Note**: The **Override template parameters** content references the **sqldbpassword** variable to set the mySQL admin password. This will provision the MySQL database defined in the ARM template using the password that you have specified in the key vault. - > **Note**: You may complete the pipeline definition by specifying the subscription and location for the task. Repeat the same for the last task in the pipeline **Azure App Service Deploy**. Finally, save and create a new release to start the deployment. +1. You may complete the pipeline definition by specifying the subscription (if need subscription used, click on **authorize** )and location for the task. **Repeat** the same for the last task in the pipeline **Azure App Service Deploy**. + +1. Finally, **Save** and click on **Create a new release** > **Create** (leave defaults) to start the deployment. ### Exercise 2: Remove the Azure lab resources