We have developers owner access to azure portal to create pipelines in Azure devops. Is there any specific role which will allow them to create service principal accounts for azure devops pipelines without having Owner access in Azure Portal?
thanks
0
votes
1 Answers
0
votes
Sure, there are two main ways to let the non-owner user can create service principal in an AAD:
Navigate to "Azure Active Directory" > "Users" > "User settings" to enable the option "App registrations". With this way, any user in the Azure AD tenant can register application and service principal that can access resources. To set this option, you must be an administrator role in the AAD.
If disabling the "App registrations" option, only users with an administrator role in the AAD may register application and service principal. You can see "Azure AD built-in roles" to learn about available administrator roles and the specific permissions in Azure AD that are given to each role.
To view more details, you can see:
