This is a blogpost about a script which performs a Token Refresh for the WVD springrelease ARMTemplate deployment. This normally needs to be entered manually but with this script this token will be refreshed at the start of every deployment.
I am talking about this parameter which sits in the ARM Template supplied by Microsoft (you can find them here):

When you deploy this ARMTemplate via Azure DevOps you can find the parameter here:

The token in the picture has expired. This needs to be set manually. You can not set this further than 30 days. That is why we need a script to refresh this parameter at the start of the deployment.
Prerequisites
The prerequisites needed are:
- Service Principal (App Registration) with Permissions to your Azure DevOps project.
- Azure Key Vault with your Service Principal credentials.
- Azure DevOps Project with release pipeline for WVD Spring Release.
- The Azure CLI module installed. You can download it here.
Preparation
Firstly, we need to create an Azure DevOps variable group. Log on to Azure CLI with the command: (you can login by using the service principal or you can login with your user credentials, for the script we will use the service principal)
1 |
az login |
Now set the default organization and project:
1 |
az devops configure --defaults organization=https://dev.azure.com/organizationame/ |
And:
1 |
az devops configure --defaults project="ProjectName" |
Now create the variable group with the following command:
1 |
az pipelines variable-group create --name Example --variables TokenRefresh=Example |
Important! Take note of the “Id”, we need this later in the script:

Furthermore, this is what it looks like in to Azure DevOps portal:

Configure the script
Now edit your release pipeline which creates your WVD springrelease hostpools. Firstly, add the new variable group to the release pipeline. Go to Edit:

Now go to Variables:

And add the variable group we created earlier:

Now go back to the tasks in your release pipeline and add a new task:

Search for Azure CLI and add the new task:

Enter the variables for the DisplayName, Azure Resource Manager Connection, Script Type and Script Location.

Now enter this in the “Inline Script” section: (Use the group ID created earlier in the blog)
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 |
$installedModules = Get-InstalledModule if ($installedModules.Name -notmatch "Az.DevOps") { Install-Module Az.DevOps -Force -AllowClobber } #Put Token data in variable $AddDays = (Get-date).adddays(5) $newTokenDate = Get-Date $AddDays -format yyyy-MM-dd az login --service-principal -u AppId -p password --tenant tenant az devops configure --defaults organization=https://dev.azure.com/organizationname/ az devops configure --defaults project="projectname" az pipelines variable-group variable update --group-id 16 --name "TokenRefresh" --value $newTokenDate |
Your deployment now should look like this:

When you run the script the following variable should be created: (I wrote this on November 4th)

Lastly, we need to add this value in to our parameters on the WVD Springrelease ARMTemplate deployment. Put the $(TokenRefresh) value over here:

And that is how you script a Token refresh for your WVD Springrelease ARMTemplate deployment.
References
My Other WVD Scripts:
Drain Hostpools
LogOff Users
Delete Hostpools
5 thoughts on “WVD Springrelease ARMTemplate Token Refresh Script”