Azure Devops, Conditional Access Policies prevent pipelines from running

1
votes

At the moment I have setup a build pipeline that pulls an artifact from Azure artifacts. Authentication is done using a Personal Access Token.

Since a couple of days now, my pipeline errors out with the message: VS403463: The conditional access policy defined by your Azure Active Directory administrator has failed.

Looking into the debug logs I can see the call that is made Now doing this call from my local machine, this works but ONLY if I am within the network of my Organisation (if I run it from home, it does not work)

Looking at the pipeline, it mentions that it gets an agent "from the cloud". I assume this agent is not within our network.

Is there any way we can setup Azure Devops such that we can still access Azure artifacts from a cloud build agent whilst this conditional access policy is in place?

1
active-directoryazure-devopsazure-pipelinesdevopsazure-artifacts

1 Answers

0
votes

Your administrator might set the Conditional Access policies to block the ip outside the trusted IP range to access your organization resources. Check the Common signals Conditional Access takes.

You can try connecting to your organization network over VPN when you work from home. Or asking your administrator to add your home ip to the trusted ip range.

You can also try disabling "Enable Azure Active Directory Conditional Access Policy Validation" in your azure devops organization setting page. Check the steps here.

Check here to learn more about conditional access policy. Hope you find it helpful.