This is an Azure DevOps extension that provides tasks for installing and running Sheriff, a command line tool to manage Azure role-based access control (Azure RBAC) and Microsoft Entra Privileged Identity Management (Microsoft Entra PIM) using desired state configuration.
The extension is available in the Visual Studio Marketplace.
This task installs the Sheriff CLI on the agent. The version input accepts either latest or a specific version number in the format vA.B.C, e.g. v0.1.0.
- task: InstallSheriffCLI@0
displayName: Install Sheriff CLI
inputs:
version: latestThis task runs Sheriff in plan mode, equivalent to running sheriff plan [mode].
- task: SheriffPlan@0
displayName: Plan Sheriff changes
inputs:
configDir: $(System.DefaultWorkingDirectory)/.config
mode: azurerm
serviceConnectionName: <service connection name>This task runs Sheriff in apply mode, equivalent to running sheriff apply [mode].
- task: SheriffApply@0
displayName: Apply Sheriff changes
inputs:
configDir: $(System.DefaultWorkingDirectory)/.config
mode: azurerm
serviceConnectionName: <service connection name>We welcome contributions to this repository. Please see CONTRIBUTING.md for more information.