Octopus Deploy Documentation

Deploying to Azure via a Firewall

Last updated

All the Azure steps in Octopus are executed from the VM where the Octopus Server is running. So to able to successfully deploy to the Microsoft cloud, you need to make sure your Octopus Server can reach it through the network.

To check you can reach Microsoft cloud through your network, run this script on the same machine using an account with the same permissions as your Octopus Server.

You might need to install Azure Powershell before running this script. For information, see Install the Azure PowerShell module.

$ErrorActionPreference = "Stop"

$OctopusAzureADTenantId = #Enter TenantId here
$OctopusAzureSubscriptionId = #Enter SubscriptionId here
$OctopusAzureADClientId = #Enter ClientId here
$OctopusAzureADPassword = #Enter Secret here
$OctopusAzureEnvironment = "AzureCloud"

$securePassword = ConvertTo-SecureString $OctopusAzureADPassword -AsPlainText -Force
$creds = New-Object System.Management.Automation.PSCredential ($OctopusAzureADClientId, $securePassword)
$AzureEnvironment = Get-AzEnvironment -Name $OctopusAzureEnvironment

Connect-AzAccount -Credential $creds -TenantId $OctopusAzureADTenantId -SubscriptionId $OctopusAzureSubscriptionId -Environment $AzureEnvironment -ServicePrincipal

Get-AzResourceGroup

If everything is working as expected, you will see output showing all the Azure Resource Groups you have access to:

Screenshot of Azure Resource Groups

If you need to add firewall exclusions to a whitelist, here are a few things to take into consideration:

  • Figure out which Azure Data Centers you will be targeting.
  • Figure out which Azure services you will be targeting in those Data Centers.
  • Configure a whitelist from the Octopus Server to the appropriate IP Address Ranges.

Download the latest list of IP Address Ranges from the Microsoft Download Center (updated weekly).

Welcome! We use cookies and data about how you use our website allow us to improve the website and your experience, and resolve technical errors. Our website uses cookies and shares some of your data with third party analytics companies for these purposes.

If you decline, we will respect your privacy. A single cookie will be used in your browser to remember your preference.