Currently, I am trying to establish Azure DevOps pipeline to deploy into Azure App service. While Creating Pipeline it is looking for Azure Subscription. After selecting Azure Subscription it is telling that need to set up active directory.
My Question is:
IAM is not enough? 
To deploy your app to an Azure resource (to an app service or to a virtual machine), you need an Azure Resource Manager service connection.
https://docs.microsoft.com/en-us/azure/devops/pipelines/library/connect-to-azure?view=vsts
When you have code that needs to access or modify resources, you can create an identity for the app. This identity is known as a service principal. You can then assign the required permissions to the service principal. This article shows you how to use the portal to create the service principal. It focuses on a single-tenant application where the application is intended to run within only one organization. You typically use single-tenant applications for line-of-business applications that run within your organization.
