February 1, 2023

Azure DevOps’ Free Build Agent

Azure DevOps

IT Tips & Insights: Learn a simple workaround for a limitation in Azure DevOps’ free build agent using AWS Tools for Windows PowerShell script.

By Oleg Shalnov, DevOps Engineer

As you all know, in Azure DevOps you can use a free build agent with one limitation – no static IP address. It may generate, but there will be a lot of problems (DB deployment, Firewall troubles, etc.). If you open a ticket to MS Support, they will ask you to open all Regions in your Firewall (thousands of IPs).

There is an easy workaround for AWS that allows you to remove the security rule: Add the AWS Tools for Windows PowerShell script. 

Here’s how to do it in three steps:

Step 1:

$ip = (Invoke-WebRequest -uri “https://api.ipify.org/”).Content

Write-Host “$ip 1 step”

Write-Host “##vso[task.setvariable variable=IP]$ip”

Step 2:

$allow = @{IpProtocol=”tcp”; FromPort=”1433″; ToPort=”1433″; IpRanges=”$(ip)/32″}

Grant-EC2SecurityGroupIngress -GroupID sg-805f89e8 -IpPermission @($allow)

Step 3:

$allow = @{IpProtocol=”tcp”; FromPort=”1433″; ToPort=”1433″; IpRanges=”$(ip)/32″}

Revoke-EC2SecurityGroupIngress -GroupID sg-805f89e8 -IpPermission @($allow)

These steps will automatically add a temporary security rule to AWS, and in many cases (for DB upgrade) will remove all the rules created earlier.


Hey All, I’m an Azure Infrastructure Architect here at Softensity. I have more than 10 years of experience with Azure and Microsoft365 and more than 15 with Microsoft. The last few years I’ve been helping clients with migration to Azure Cloud — to develop, build, create and secure a cloud journey.

Join Our Team


Let’s Talk