Azure DevOps Pipeline - Service Connection Permission

0
votes

Assuming an Azure DevOps pipeline has been authorized to use a service connection. If the user that is running the pipeline does NOT have permission on the same service connection, will he/she be able to run the pipeline still? Just want to see which takes precedence.

Thanks

1
azure-devopsazure-pipelinesazure-pipelines-release-pipelineazure-pipelines-release-task

1 Answers

0
votes

The pipeline use the service connection via pipeline service account instead of personal account. Assuming an Azure DevOps pipeline has been authorized to use a service connection. If the user that is running the pipeline does NOT have permission on the same service connection, He can still run the pipeline

Test A

I create a service connection via account A->open service connection->add yaml build in the Pipeline permissions->run the yaml build via account B, it works.

Result:

enter image description here

Test B

If I remove the yaml build in the pipeline permission and run the build, it need to permit the permission

Result:

enter image description here