Skip to content

Commit 2cfbe4f

Browse files
authored
Merge pull request #296518 from v-albemi/create-dev-center
Freshness Edit: Azure Deployment Environments Set 2
2 parents d011d60 + f94cfa0 commit 2cfbe4f

File tree

1 file changed

+31
-33
lines changed

1 file changed

+31
-33
lines changed

articles/deployment-environments/how-to-create-configure-dev-center.md

Lines changed: 31 additions & 33 deletions
Original file line numberDiff line numberDiff line change
@@ -1,27 +1,29 @@
11
---
22
title: Create and configure a dev center for Azure Deployment Environments by using the Azure CLI
33
titleSuffix: Azure Deployment Environments
4-
description: Learn how to create and access a dev center for Azure Deployment Environments project using the Azure CLI.
4+
description: Learn how to create and configure a dev center for an Azure Deployment Environments project by using the Azure CLI.
55
author: renato-marciano
66
ms.author: remarcia
77
ms.service: azure-deployment-environments
88
ms.custom: devx-track-azurecli, build-2023
99
ms.topic: quickstart
10-
ms.date: 11/29/2023
10+
ms.date: 03/20/2025
11+
12+
#customer intent: As a platform engineer, I want to create and configure a dev center so that my teams can deploy applications.
1113
---
1214

1315
# Create and configure a dev center for Azure Deployment Environments by using the Azure CLI
1416

15-
This quickstart guide shows you how to create and configure a dev center in Azure Deployment Environments.
17+
In this quickstart, you create and configure a dev center in Azure Deployment Environments.
1618

1719
A platform engineering team typically sets up a dev center, attaches external catalogs to the dev center, creates projects, and provides access to development teams. Development teams can then create [environments](concept-environments-key-concepts.md#environments) by using [environment definitions](concept-environments-key-concepts.md#environment-definitions), connect to individual resources, and deploy applications.
1820

1921
## Prerequisites
2022

21-
- An Azure account with an active subscription. [Create an account for free](https://azure.microsoft.com/free/?WT.mc_id=A261C142F).
22-
- Azure role-based access control role with permissions to create and manage resources in the subscription, such as [Contributor](../role-based-access-control/built-in-roles.md#contributor) or [Owner](../role-based-access-control/built-in-roles.md#owner).
23-
- Install the [Azure CLI devcenter extension](how-to-install-devcenter-cli-extension.md).
24-
- A GitHub account and a [personal access token](https://docs.github.com/en/authentication/keeping-your-account-and-data-secure/creating-a-personal-access-token) with repo access.
23+
|Category|Requirements|
24+
|-|-|
25+
|Azure|- An [Azure subscription](https://azure.microsoft.com/free/).<br>- An Azure role-based access control role that has permissions to create and manage resources in the subscription, such as [Contributor](../role-based-access-control/built-in-roles.md#contributor) or [Owner](../role-based-access-control/built-in-roles.md#owner).<br>-The [Azure CLI devcenter extension](how-to-install-devcenter-cli-extension.md).|
26+
|GitHub|A GitHub account and a [personal access token](https://docs.github.com/en/authentication/keeping-your-account-and-data-secure/creating-a-personal-access-token) with repo access.|
2527

2628
## Create a dev center
2729

@@ -45,7 +47,7 @@ To create and configure a dev center in Azure Deployment Environments:
4547
az account set --subscription <subscriptionName>
4648
```
4749

48-
1. Configure the default location where you want to create the dev center. Make sure to choose an [available region for Azure Deployment Environments](https://azure.microsoft.com/explore/global-infrastructure/products-by-region/?products=deployment-environments&regions=all):
50+
1. Configure the default location where you want to create the dev center. Make sure to choose a [region that supports Azure Deployment Environments](https://azure.microsoft.com/explore/global-infrastructure/products-by-region/?products=deployment-environments&regions=all).
4951

5052
```azurecli
5153
az configure --defaults location=eastus
@@ -69,7 +71,7 @@ To create and configure a dev center in Azure Deployment Environments:
6971
az devcenter admin devcenter create -n <devcenterName>
7072
```
7173

72-
After a few minutes, the output indicates that it was created:
74+
After a few minutes, the output indicates that the dev center was created:
7375

7476
```output
7577
{
@@ -98,14 +100,19 @@ You need an Azure Key Vault to store the GitHub personal access token (PAT) that
98100
1. Create a key vault:
99101

100102
```azurecli
101-
# Change the name to something Globally unique
103+
# Use a globally unique name
102104
az keyvault create -n <keyvaultName>
103105
```
104106

105107
> [!NOTE]
106108
> You might get the following error:
107-
`Code: VaultAlreadyExists Message: The vault name 'kv-devcenter-unique' is already in use. Vault names are globally unique so it is possible that the name is already taken.` You must use a globally unique key vault name.
109+
`Code: VaultAlreadyExists Message: The vault name 'kv-devcenter' is already in use. Vault names are globally unique so it is possible that the name is already taken.` You must use a globally unique key vault name.
110+
111+
1. Assign yourself the Key Vault Secrets Officer RBAC role:
108112

113+
```azurecli
114+
az role assignment create --assignee <YourPrincipalId> --role "Key Vault Secrets Officer" --scope /subscriptions/<YourSubscriptionId>/resourceGroups/<YourResourceGroupName>/providers/Microsoft.KeyVault/vaults/<YourKeyVaultName>
115+
109116
1. Add the GitHub PAT to Key Vault as a secret:
110117
111118
```azurecli
@@ -114,38 +121,29 @@ You need an Azure Key Vault to store the GitHub personal access token (PAT) that
114121

115122
## Attach an identity to the dev center
116123

117-
After you create a dev center, attach an [identity](concept-environments-key-concepts.md#identities) to the dev center. You can attach either a system-assigned managed identity or a user-assigned managed identity. Learn about the two [types of identities](how-to-configure-managed-identity.md#add-a-managed-identity).
124+
After you create a dev center, attach an [identity](concept-environments-key-concepts.md#identities) to the dev center. You can attach either a system-assigned managed identity or a user-assigned managed identity. For information, see [Add a managed identity](how-to-configure-managed-identity.md#add-a-managed-identity).
118125

119126
In this quickstart, you configure a system-assigned managed identity for your dev center.
120127

121128
### Attach a system-assigned managed identity
122129

123-
To attach a system-assigned managed identity to your dev center:
130+
Attach a system-assigned managed identity to your dev center:
124131

125132
```azurecli
126133
az devcenter admin devcenter update -n <devcenterName> --identity-type SystemAssigned
127134
```
128135

129-
### Give the system-assigned managed identity access to the key vault secret
130-
131-
Make sure that the identity has access to the key vault secret that contains the GitHub PAT to access your repository. Key Vaults support two methods of access; Azure role-based access control or vault access policy. In this quickstart, you use a vault access policy.
132-
133-
1. Retrieve the Object ID of your dev center's identity:
136+
### Grant the system-assigned managed identity access to the key vault secret
134137

135-
```azurecli
136-
OID=$(az ad sp list --display-name <devcenterName> --query [].id -o tsv)
137-
echo $OID
138-
```
139-
140-
1. Add a Key Vault policy to allow the dev center to get secrets from Key Vault:
138+
Make sure that the identity has access to the key vault secret that contains the GitHub PAT for accessing your repository. Key vaults support two methods of access: Azure role-based access control (RBAC) and vault access policy. In this quickstart, you use RBAC:
141139

142-
```azurecli
143-
az keyvault set-policy -n <keyvaultName> --secret-permissions get --object-id $OID
144-
```
140+
```azurecli
141+
az role assignment create --role "Key Vault Secrets Officer" --assignee <devCenterManagedIdentityObjectID> --scope /subscriptions/<subscriptionID>/resourcegroups/<resourceGroupName>/providers/Microsoft.KeyVault/vaults/<keyVaultName>
142+
```
145143

146144
## Add a catalog to the dev center
147145

148-
Azure Deployment Environments supports attaching Azure DevOps repositories and GitHub repositories. You can store a set of curated IaC templates in a repository. Attaching the repository to a dev center as a catalog gives your development teams access to the templates and allows them to quickly create consistent environments.
146+
Azure Deployment Environments supports attaching Azure DevOps repositories and GitHub repositories. You can store a set of curated IaC templates in a repository. Attaching the repository to a dev center as a catalog grants your development teams access to the templates and allows them to quickly create consistent environments.
149147

150148
In this quickstart, you attach a GitHub repository that contains samples created and maintained by the Azure Deployment Environments team.
151149

@@ -162,7 +160,7 @@ You can use this [sample catalog](https://github.com/Azure/deployment-environmen
162160
163161
1. Navigate to your repository, select **<> Code**, and then copy the clone URL.
164162
1. Make a note of the branch that you're working in.
165-
1. Take a note of the folder that contains your environment definitions.
163+
1. Make a note of the folder that contains your environment definitions.
166164

167165
:::image type="content" source="media/how-to-create-configure-dev-center/github-info.png" alt-text="Screenshot that shows the GitHub repo with branch, copy URL, and folder highlighted." lightbox="media/how-to-create-configure-dev-center/github-info.png":::
168166

@@ -175,11 +173,11 @@ You can use this [sample catalog](https://github.com/Azure/deployment-environmen
175173
echo $SECRETID
176174
```
177175

178-
1. Add the catalog.
176+
1. Add the catalog:
179177

180178
```azurecli
181179
# Sample catalog example
182-
REPO_URL="https://github.com/Azure/deployment-environments.git"
180+
REPO_URL="<clone URL that you copied earlier>"
183181
az devcenter admin catalog create --git-hub path="/Environments" branch="main" secret-identifier=$SECRETID uri=$REPO_URL -n <catalogName> -d <devcenterName>
184182
```
185183

@@ -205,9 +203,9 @@ Use an environment type to help you define the different types of environments y
205203
az devcenter admin environment-type list -d <devcenterName> -o table
206204
```
207205

208-
## Next steps
206+
## Next step
209207

210-
In this quickstart, you created a dev center and configured it with an identity, a catalog, and an environment type. To learn how to create and configure a project, advance to the next quickstart.
208+
In this quickstart, you created a dev center and configured it with an identity, a catalog, and an environment type. To learn how to create and configure a project, go to the next quickstart:
211209

212210
> [!div class="nextstepaction"]
213211
> [Create and configure a project by using the Azure CLI](how-to-create-configure-projects.md)

0 commit comments

Comments
 (0)