The Azure Services Platform (Azure) is an internet-scale cloud services platform hosted in Microsoft data centers, which provides an operating system and a set of developer services that can be used individually or together.
The Azure Services Platform plugin communicates with Windows Azure through Windows Azure Service Management and Storage Services REST application programming interfaces (API), which provides programmatic access to much of the functionality available through the Management Portal using a RESTful application development style. Using the Service Management API, you can manage your virtual machines, networks and databases. The Azure Services Platform plugin allows users to automate and perform operations on Windows Azure providing a more generic interface for managing deployments.
Plugin Version 1.1.10
Revised on November 30, 2022
In an effort to streamline workflows and improve user experience, CloudBees will phase out EC-Azure and transition to a new Azure CLI plugin. The phase-out will start with the CloudBees CD/RO 10.11 release, where we will stop providing new feature support and patches for EC-Azure. The Azure-CLI plugin will be released shortly after. To maintain new feature support and patch integration, we suggest you transition from using EC-Azure and EC-AzureDevops to Azure-CLI as soon as it is available. |
Integrated version
This plugin was developed and tested against Windows Azure 2012.
CloudBees CD/RO minimum version 4.0
Working with Windows certificates
Azure procedures may require a Windows certificate to authenticate requests. To create and upload a certificate to Windows Azure:
-
Generate an X.509 certificate using the Certificate Creation Tool (Makecert.exe) using the follow command:
makecert -sky exchange -r -n "CN=<CertificateName>" -pe -a sha1 -len 2048 -ss My "D:/<CertificateName>.cer"
Makecert.exe is included with Visual Studio and Windows SDK installations. For more information, refer to Microsoft’s Makecert.exe page. -
To upload the Windows certificate to Windows Azure, refer to Configuring TLS for an application in Azure.
Plugin procedures
This plugin enables the following:
-
Database management
-
Group management
-
Network management
-
VM management
-
SQL and NoSQL operations
-
Resource management
Plugin configuration
Plugin configurations are sets of parameters that apply across some or all of the plugin’s procedures. They are intended to reduce repetition of common values, create predefined sets of parameters for end users, and to securely store credentials where needed. Each configuration is given a unique name that is entered in designated parameters on procedures that use them.
Plugin configurations are created by going to the CloudBees CD/RO "Administration" tab, then to the "Plugins" sub-tab. On the right side of the line for the EC-Azure plugin, there is a "Configure" link which will open the Configuration page.
Subscription ID must be created and an X.509 management certificate needs to be uploaded to the certificate store. You can do this using the Management Portal
Parameter | Description |
---|---|
Configuration Name |
Provide a unique name for the configuration, keeping in mind that you may need to create additional configurations over time. (Required) |
Description |
A description for this configuration. |
Tenant ID |
Enter the Azure Active Directory Tenant ID. (Required) |
Subscription ID |
Enter the Azure Active Directory Subscription ID. (Required) |
Client ID/Secret Key |
Azure Application Client ID and Secret(Password). (Required) |
VM User/Password |
Credentials for any virtual machines provisioned using this configuration. (Required) |
Resource Pool |
The name of the pool of resources on which the integration steps can run. (Required) |
Debug Level: |
Level for output: 0=errors only, 1=normal headers and responses, 2+=debugging information included. (Required) |

Create or update database
This procedure allows users to create or update the Database on a Database server.
Parameter | Description |
---|---|
Configuration |
The name of the configuration which holds all the connection information for Windows Azure. (Required) |
Resource Group Name |
The name of the Resource Group to which the Azure SQL Database Server belongs. (Required) |
Server name |
The short name of the Azure SQL Database Server on which the database is hosted. For example, testsqlserver001 should be used instead of testsqlserver001.database.windows.net. (Required) |
Database name |
The name of the Azure SQL Database to be operated on (updated or created). (Required) |
Location |
Location of the resource. (Required) |
Edition |
Edition for the Azure SQL Database. |
Collation |
Collation of the Azure SQL Database being created. |
Create Mode |
Create Mode for the Azure SQL Database being created. |
Elastic Pool |
The name of the Elastic Pool to put the Azure SQL Database in. |
Maximum Size in MB |
The maximum size of the Azure SQL Database being created or updated in megabytes. |
Service Objective Id |
The service objective to be applied to the Azure SQL Database being created or updated. |
Source Database Id |
The resource id of the database to use as the source for the copy being created. |
JobStep Timeout |
Timeout for the step execution in minutes. Blank means no timeout. |

Delete database on server
This procedure allows users to delete the Database on a Database server.
Parameter | Description |
---|---|
Configuration |
The name of the configuration which holds all the connection information for Windows Azure. (Required) |
Resource Group Name |
The name of the Resource Group to which the Azure SQL Database Server belongs. (Required) |
Server name |
The short name of the Azure SQL Database Server on which the database is hosted. For example, testsqlserver001 should be used instead of testsqlserver001.database.windows.net. (Required) |
Database name |
The name of the Azure SQL Database to be deletes. (Required) |
JobStep Timeout |
Timeout for the step execution in minutes. Blank means no timeout. |

DeleteDatabase (Azure service)
This procedure allows users to delete a database on a database server using Azure Services.
Parameter | Description |
---|---|
Configuration |
The name of the configuration which holds all the connection information for Windows Azure. (Required) |
Resource Group Name |
The name of the Resource Group to which the Azure SQL Database Server belongs. (Required) |
Server name |
The name of the Azure SQL Database Server on which the database is hosted. (Required) |
Database name |
The name of the Azure SQL Database to be operated on (Updated or created). (Required) |
JobStep Timeout |
Timeout for the step execution in minutes. Blank means no timeout. |

Create or update NetworkSecurityGroup
This procedure allows users to create or update a Network Security Group.
Parameter | Description |
---|---|
Configuration |
The name of the configuration which holds all the connection information for Windows Azure. (Required) |
Resource Group Name |
The name of the Resource Group to which the Azure SQL Database Server belongs. (Required) |
Location |
Location of the resource. (Required) |
Security Rule |
Security Rule with the same name can be created in multiple Network Security Group and Network Security Group with same name can be created in multiple Resource Group. Provide nested JSON to uniquely identify security rule. Example: \{"RG-1":\{"NSG-1":["Rule-A", "Rule-B"], "NSG-2":["Rule-C", "Rule-D"]}, "RG-2":\{"NSG-3":"RULE-G"}}. |
JobStep Timeout |
Timeout for the step execution in minutes. Blank means no timeout. |

Delete NetworkSecurityGroup
This procedure allows users to delete a Network Security Group.
Parameter | Description |
---|---|
Configuration |
The name of the configuration which holds all the connection information for Windows Azure. (Required) |
Network Security Group |
Name of the Network security Group which is to be deleted. (Required) |
Resource Group Name |
The name of the resource group in which network security group is present. (Required) |
JobStep Timeout |
Timeout for the step execution in minutes. Blank means no timeout. |

Create or update NetworkSecurityRule
This procedure allows users to create or update a Rule of a Network Security Group.
Parameter | Description |
---|---|
Configuration |
The name of the configuration which holds all the connection information for Windows Azure. (Required) |
Network Security Rule |
Name of the network security rule to be created. (Required) |
Network Security Group |
Network security Group in which network security rule is to be created. (Required) |
Resource Group Name |
The name of the resource group in which network security rule will be present. (Required) |
Access |
Network traffic is allowed or denied. (Required) |
Description |
Description for this rule. |
Source Address Prefix |
Source address prefix. CIDR or source IP range.An asterisk can also be used to match all source IPs (Required) |
Source Port Range |
Source Port Range. Integer or range between 0 and 65535. An asterisk can also be used to match all ports (Required) |
Destination Address Prefix |
Destination address prefix. CIDR or source IP range. An asterisk can also be used to match all source IPs. (Required) |
Destination Port Range |
Destination Port Range. Integer or range between 0 and 65535. An asterisk can also be used to match all ports. (Required) |
Direction |
The direction of the rule.InBound or Outbound. The direction specifies if rule will be evaluated on incoming or outcoming traffic. (Required) |
Priority |
The priority of the rule. The value can be between 100 and 4096. The priority number must be unique for each rule in the collection. The lower the priority number, the higher the priority of the rule. (Required) |
Protocol |
Network protocol this rule applies to. Can be Tcp, Udp or All(*). (Required) |
JobStep Timeout |
Timeout for the step execution in minutes. Blank means no timeout. |

Delete NetworkSecurityRule
This procedure allows users to delete a Rule from an existing Network Security Group.
Parameter | Description |
---|---|
Configuration |
The name of the configuration which holds all the connection information for Windows Azure. (Required) |
Network Security Rule |
Name of the Network security Rule which is to be deleted. (Required) |
Network Security Group |
Name of the Network security Group in which network security rule is present. (Required) |
Resource Group Name |
The name of the resource group in which network security group is present. (Required) |
JobStep Timeout |
Timeout for the step execution in minutes. Blank means no timeout. |

Create or update subnet
This procedure allows users to create or update a subnet.
Parameter | Description |
---|---|
Configuration |
The name of the configuration which holds all the connection information for Windows Azure. (Required) |
Subnet |
Name of the subnet to be created. (Required) |
Virtual Network Name |
The name of the virtual network in which subnet will be present. (Required) |
Resource Group Name |
The name of the resource group in which subnet is to be created. (Required) |
Address Prefix |
It should follow CIDR notation, for example 10.0.0.0/24 (Required) |
Network Security Group |
Network security Group to be attached. Network Security Group of same name can be present in multiple resource group. Provide Json to uniquely identify Network Security Group. Example: \{"RG1":"NSG1"}. |
Route Table |
RouteTable of same name can be present in multiple resource group. Provide Json to uniquely identify RouteTable. Example: \{"RG1":"routeTable"}. |
JobStep Timeout |
Timeout for the step execution in minutes. Blank means no timeout. |

Delete subnet
This procedure allows users to delete a subnet.
Parameter | Description |
---|---|
Configuration |
The name of the configuration which holds all the connection information for Windows Azure. (Required) |
Subnet |
Name of the subnet which is to be deleted. (Required) |
Virtual Network |
Name of the virtual network in which subnet is present. (Required) |
Resource Group Name |
The name of the resource group in which subnet is present. (Required) |
JobStep Timeout |
Timeout for the step execution in minutes. Blank means no timeout. |

CreateVnet
This procedure allows users to create a Virtual Network using Azure Services.
Parameter | Description |
---|---|
Configuration |
The name of the configuration which holds all the connection information for Windows Azure. (Required) |
Virtual Network name |
Name of the new Virtual Network. (Required) |
Virtual Network address space |
The Virtual Network’s address space in CIDR notion. It must be contained in one of the standard private address spaces:10.0.0.0/8, 172.16.0.0/12, 192.168.0.0/16. ex: 10.12.0.0/16 → 10.12.0.0 - 10.12.255.255 (65536 addresses). (Required) |
Subnet name |
Name of the new Subnet. (Required) |
Subnet address space |
The Subnet’s address space in CIDR notion. It must be contained in one of the standard private address spaces:10.0.0.0/8, 172.16.0.0/12, 192.168.0.0/16. ex: 10.12.0.0/24 → 10.12.0.0 - 10.12.0.255 (256 addresses). (Required) |
Custom DNS Server |
Address of DNS Server. |
Resource Group Name |
The name of the resource group in which the Virtual network is to be created. (Required) |
Location |
Location of the resource. (Required) |
JobStep Timeout |
Timeout for the step execution in minutes. Blank means no timeout. |

DeleteVnet
This procedure allows users to delete a Virtual Network using Azure Services.
Parameter | Description |
---|---|
Configuration |
The name of the configuration which holds all the connection information for Windows Azure. (Required) |
Virtual Network name |
Name of the new Virtual Network. (Required) |
Resource Group Name |
The name of the resource group in which the Virtual network is to be deleted. (Required) |
JobStep Timeout |
Timeout for the step execution in minutes. Blank means no timeout. |

CreateVM
This procedure allows users to create a VM using Azure Services.
Parameter | Description | ||
---|---|---|---|
Configuration |
The name of the configuration which holds all the connection information for Windows Azure. (Required) |
||
Server Name |
Name of the new Server. (Required) |
||
Number of Instances |
Number of instances to be created. (Required) |
||
Image URN |
The image URN in the form publisherName:offer:skus:version/ The source VHD link of a user image. For example,
|
||
Is User Image? |
Provided URN is of user image or not? |
||
Disable Password Prompt? |
Disable password authentication in case of superuser privileges? |
||
Public Key |
Public key for authentication of created Virtual machine for the client:
|
||
Operating System Type |
Required only for user images. |
||
Resource Group Name |
The name of the resource group in which VM is to be created. (Required) |
||
Location |
Location of the resource. (Required) |
||
Storage Account |
Name of storage account. (Required) If this storage account resides in a resource group different from VM itself, it must be specified via -rgn prefix argument. For example, |
||
Storage Container |
Name of the storage container. (Required) |
||
Virtual Network |
Name of an existing Virtual Network for VM to be connected to. If this virtual network resides in a resource group different from VM itself, it must be specified via -rgn prefix argument. For example, |
||
Subnet |
Name of an existing subnet within a Virtual Network. Requires Virtual Network to be set. |
||
Create Public IP Address? |
Create Public IP address for the deployed servers? |
||
Resource Pool |
If you would like to add CloudBees CD/RO resources for each Azure instance being created, enter the resource pool name for the new resources. If left blank no resource will be created. |
||
Resource Port |
If you specify a resource pool name in 'Resource Pool' field, this is the port that will be used when creating the resource. If no value is specified, port 7800 will be used by default when creating the resource. |
||
Resource workspace |
If you specify a resource pool name, this is the workspace that will be assigned to the created resources. |
||
Resource Zone Name |
Created resource will belong to the specified zone. Zone 'default' is used by default. |
||
Machine size |
Size of the machine. For example, Standard_D2_v2. Refer to Virtual machines sizes for reference. |
||
Results Location |
Location where the output properties is saved. If not specified, this defaults to '/myJob/Azure/deployed'. |
||
JobStep Timeout |
Timeout for the step execution in minutes. Blank means no timeout. |

Start VM
This procedure allows users to start a stopped VM.
Parameter | Description |
---|---|
Configuration |
The name of the configuration which holds all the connection information for Windows Azure. (Required) |
Resource Group Name |
The name of the resource group in which VM is to be started. (Required) |
VM Name |
The Name of the Virtual Machine to be started. (Required) |
JobStep Timeout |
Timeout for the step execution in minutes. Blank means no timeout. |

Restart VM
This procedure allows users to restart a VM.
Parameter | Description |
---|---|
Configuration |
The name of the configuration which holds all the connection information for Windows Azure. (Required) |
Resource Group Name |
The name of the resource group in which VM is to be restarted. (Required) |
VM Name |
The Name of the Virtual Machine to be restarted. (Required) |
JobStep Timeout |
Timeout for the step execution in minutes. Blank means no timeout. |

Stop VM
This procedure allows users to stop a running VM.
Parameter | Description |
---|---|
Configuration |
The name of the configuration which holds all the connection information for Windows Azure. (Required) |
Resource Group Name |
The name of the resource group in which VM is to be stopped. (Required) |
VM Name |
The Name of the Virtual Machine to be stoppped. (Required) |
JobStep Timeout |
Timeout for the step execution in minutes. Blank means no timeout. |

Delete VM
This procedure allows users to delete a VM.
Parameter | Description |
---|---|
Configuration |
The name of the configuration which holds all the connection information for Windows Azure. (Required) |
Resource Group Name |
The name of the resource group in which VM is present. (Required) |
VM Name |
Name of the VM which is to be deleted. (Required) |
JobStep Timeout |
Timeout for the step execution in minutes. Blank means no timeout. |

SQL operations
This procedure allows users to carry out operations on a database on a SQL Server.
Parameter | Description |
---|---|
Database Server |
Name of the database server. (Required) |
Database |
Name of the database. (Required) |
Port |
Port for connecting to database. (Required) |
Database Credentials |
Credentials for connecting to the database. (Required) |
SQL Query |
Enter the exact SQL query to be executed. (Required) |
JobStep Timeout |
Timeout for the step execution in minutes. Blank means no timeout. |

NoSQL operations
This procedure allows users to carry out operations on NoSQL Database on a specified NoSQL Database Server.
Parameter | Description |
---|---|
Storage Account |
Storage account for table. (Required) |
Account Credentials |
Credentials for connecting to the storage account. (Required) |
Operation |
Operation to be performed on the table. (Required) |
Table Name |
Name of the table. (Required) |
ToBeInserted or ToBeUpdated |
Enter the column-value in JSON format. For Update and Single Insertion: \{ "id": 4, "name": "Henry"}, For Batch Insertion: [\{"id": 1, "name": "Alek"}, \{"id": 2, "name": "Bob"}]. Will be ignored for operations other than INSERT and UPDATE. |
Partition Key |
Enter the partition Key. Will be used only for INSERT operation. |
ToBeRetrieved |
Enter "," separated list of columns to be retrieved. For example: id, name. Will be ignored for operations other than RETRIEVE(Select) |
WhereClause |
Enter the exact where clause Example: (id eq 1 and name eq \'Alek\'). Will be ignored for operations other than UPDATE, RETRIEVE and DELETE. |
JobStep Timeout |
Timeout for the step execution in minutes. Blank means no timeout. |

Teardown
This procedure allows users to delete resources recursively under a specified resource/resource pool in one attempt.
Parameter | Description |
---|---|
Resource/Resource Pool Name |
The name of the CloudBees CD/RO resource or resource pool that need to be deleted. Precedence is given to resources to be deleted. Azure VMs attached to the resources will also be deleted. (Required) |
JobStep Timeout |
Timeout for the step execution in minutes. Blank means no timeout. |

Release notes
EC-Azure 1.1.5
-
CreateVM procedure has been enhanced to support Resource Group Names for Storage Account and VNet that can be different from the Resource Group Name of the VM.
EC-Azure 1.1.4
-
Configured the plugin to allow the ElectricFlow UI to create configs inline of procedure form.
-
Configured the plugin to allow the ElectricFlow UI to render the plugin procedure parameters entirely using the configured form XMLs.
-
Enabled the plugin for managing the plugin configurations in-line when defining an application process step or a pipeline stage task.
EC-Azure 1.1.3
New plugin version supports Azure Resource Manager Deployment Model instead of Azure Classic. Azure Classic deployment model is no longer supported in this version.
Plugin is cross-platform now, that is, this plugin can work on Linux systems along with Windows.
Added Dynamic Environments support to EC-Azure plugin.
EC-Azure plugin can now be found under the Resource Management category instead of Deploy category. This is similar to EC-EC2 and EC-OpenStack plugins.
The following procedures have been removed while migrating the plugin to Microsoft Azure’s Resource Manager deployment model:
-
Create Hosted Service
-
Create Storage Account
-
Get Storage Account Keys
-
Create Container
-
Put Blob
-
Create Deployment
-
Get Operation Status
-
Delete Container
-
Delete Blob
-
Delete Storage Account
-
Delete Hosted Service
EC-Azure 1.1.0
Updated the Create Configuration procedure.
Added the following new procedures:
-
Create or Update Database
-
Create or Update NetworkSecurityGroup
-
Create or Update NetworkSecurityRule
-
Create or Update Subnet
-
Create VM
-
Create Vnet
-
Delete Vnet
-
Delete Database
-
Delete NetworkSecurityGroup
-
Delete NetworkSecurityRule
-
Delete Subnet
-
Delete VM
-
NoSQL Operations
-
Restart VM
-
Start VM
-
Stop VM
-
SQL Operations
-
TearDown
EC-Azure 1.0.0
-
Configuration Management
-
Procedures: 'Create Hosted Service',Create Storage Account','Get Storage Account Keys','Create Container', 'Put Blob','Create Deployment', 'Get Operation Status','Delete Container', 'Delete Blob', 'Delete Storage Account' and 'Delete Hosted Service'.
-
Implemented Console Application AzureRequest.exe.
-
Implemented GWT parameter panels.
-
Implemented XML parameter panels.
-
Implemented postp matchers.
-
Added Help link to each procedure.
-
Added a detailed Use Case.