How to parametrize azureSubscription in azure devops template task

Question

I am trying to use parameters in Azure Devops templates. I can print any parameter inside the template. But when I use parameter in a template with any task that requires azure subscription that will make the pipeline always fail with

"The pipeline is not valid. Job myDeployment: Step input azureSubscription references service connection $(mySubscription) which could not be found."

Example of pipeline and template below. Is there any way to path azure Subscription to the template?strong text

pipeline.yml

- stage: myStage
  pool: windows
  variables: 
    - name: azureSubscription
      value: mySubscription
    - name: keyVaultName
      name: myKeyVauld

  jobs: 
    deployment: myDeployment
    strategy: 
      runOnce:
        deploy:
          steps:
          - template: myTemplate.yml
            parameters: 
              subscription: $(azureSubscription) # changing this to literal will work but not what I need
              vault: $(keyVaultName)

myTemplate.yml

parameters:
- name: subscription
  type: string
  default: ''
- name: vault
  type: string
  default: ''

steps:

- task: AzureKeyVault@1
  inputs:
    azureSubscription: '${{ parameters.subscription }}'
    keyVaultName: '${{ parameters.vault }}'
    secretsFilter: myKey

Daniel Mann Daniel Mann · Accepted Answer · 2020-02-27T18:32:20

This is a known issue / limitation. You have to pass the Azure subscription as a literal. No way around it that I know of, unfortunately.

It's been a point of discussion for literally years on this GitHub issue: https://github.com/microsoft/azure-pipelines-agent/issues/1307

How to parametrize azureSubscription in azure devops template task

2 Answers