Azure DevOps — Use your own Service Principal for an Azure Container Registry connection

In order to connect Azure DevOps to external and remote services, you need to create service connection.

Some service connection types like Azure Resource Manager (ARM) allows you to use a custom service principal. This is a preferred option over automatic service connection creation through Azure DevOps Wizard for below reasons-

• The creation experience requires the logged-in user to have permissions to create Service Principals in Azure AD
• The creation experience requires the logged-in user to have permissions to assign permissions to the Service Principal in the subscription
• Each new Service Connection creates a new Service Principal
• Service Principals don’t get deleted when you delete the Service Connection
• Service Principals get created with a weird name that doesn’t really explain where it is used

I was trying to add a new Service Connection for Azure Container Registry and surprisingly it does not allow use of service principal.

First of all, we need to use Docker Registry type service connection which is not self-intuitive if you want to create one for ACR

I needed a connection to my Azure Container Registry, so I picked the obvious choice: Azure Container Registry. It automatically loads all Azure subscriptions you can access, and it loads the…