How to pass azure-pipelines.yml variables to ARM templates with AzureResourceManagerTemplateDeployment

Question

I'm starting to work with Azure and tried these steps:

• I added a secret to an Azure Vault.
• I linked a service principal to my Azure DevOps pipelines.
• I created a variable group linked to my vault.
• I created a variable group with some variables.
• I created a azure-pipelines.yaml with a variables: group: group1 group: group2 part
• I have - task: AzureResourceManagerTemplateDeployment@3 with a template with parameters. How do I satisfy the paramters from the variable groups?

Answer 1

You can have a try using overrideParameters parameter for the task to override your ARM template's parameters with the variables defined in your variable groups. Check here for more parameters about this task.

- task: AzureResourceManagerTemplateDeployment@3
      inputs:
        azureResourceManagerConnection: <connection>

        overrideParameters: -storageAcctName azurerg -Username $(vmusername) -azureKeyVaultName $(fabrikamFibre)

For accessing AzureKeyVault, you can also use Azure Key Vault task to get your secrets in your build pipeline, or integrate KeyVault to your ARM template as @Daniel Mann pointed out. Check here for Microsoft official tutorial.