You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: articles/deployment-environments/how-to-configure-deployment-environments-user.md
+9-7Lines changed: 9 additions & 7 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -13,16 +13,19 @@ ms.topic: how-to
13
13
14
14
# Provide access for developers to projects in Deployment Environments
15
15
16
-
In Azure Deployment Environments, development team members must get access to a specific project before they can create deployment environments. By using the built-in Deployment Environments User role, you can assign permissions to Active Directory users or groups at either the project level or the environment type level.
16
+
In Azure Deployment Environments, development team members must have access to a project before they can create deployment environments. By using the built-in roles, Deployment Environments User and Deployment Environments Reader, you can assign permissions to Active Directory users or groups at either the project level or the environment type level.
17
17
18
-
Based on the scope of access that you allow, a developer who has the Deployment Environments User role can:
18
+
When assigned at the project level, a developer who has the Deployment Environments User role can perform the following actions on all enabled project environment types:
19
19
20
20
* View the project environment types.
21
21
* Create an environment.
22
22
* Read, write, delete, or perform actions (like deploy or reset) on their own environment.
23
+
24
+
A developer who has the Deployment Environments Reader role can:
25
+
23
26
* Read environments that other users created.
24
27
25
-
When you assign the role at the project level, the user can perform the preceding actions on all environment types enabled at the project level. When you assign the role to specific environment types, the user can perform the actions only on the respective environment types.
28
+
When you assign a role to specific environment types, the user can perform the actions only on the respective environment types.
26
29
27
30
## Assign permissions to developers for a project
28
31
@@ -42,7 +45,7 @@ When you assign the role at the project level, the user can perform the precedin
42
45
43
46
:::image type="content" source="media/quickstart-create-configure-projects/add-role-assignment.png" alt-text="Screenshot that shows the Add role assignment pane.":::
44
47
45
-
The users can now view the project and all the environment types that you've enabled within it. Users who have the Deployment Environments User role can also[create environments from the Azure CLI](./quickstart-create-access-environments.md).
48
+
The users can now view the project and all the environment types enabled within it. Users who have the Deployment Environments User role can [create environments in the developer portal](./quickstart-create-access-environments.md).
46
49
47
50
## Assign permissions to developers for an environment type
48
51
@@ -65,10 +68,9 @@ The users can now view the project and all the environment types that you've ena
65
68
66
69
:::image type="content" source="media/quickstart-create-configure-projects/add-role-assignment.png" alt-text="Screenshot that shows the Add role assignment pane.":::
67
70
68
-
The users can now view the project and the specific environment type that you've granted them access to. Users who have the Deployment Environments User role can also [create environments by using the Azure CLI](./quickstart-create-access-environments.md).
71
+
The users can now view the project and the specific environment type that you granted them access to. Users who have the Deployment Environments User role can also [create environments in the developer portal](./quickstart-create-access-environments.md).
69
72
70
-
> [!NOTE]
71
-
> Only users who have the Deployment Environments User role, the DevCenter Project Admin role, or a built-in role with appropriate permissions can create environments.
Copy file name to clipboardExpand all lines: articles/deployment-environments/how-to-configure-project-admin.md
+1-2Lines changed: 1 addition & 2 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -66,8 +66,7 @@ The users can now view the project and manage all the environment types that you
66
66
67
67
The users can now view the project and manage only the specific environment type that you've granted them access to. DevCenter Project Admin users can also [create environments by using the Azure CLI](./quickstart-create-access-environments.md).
68
68
69
-
> [!NOTE]
70
-
> Only users who have the Deployment Environments User role, the DevCenter Project Admin role, or a built-in role with appropriate permissions can create environments.
Copy file name to clipboardExpand all lines: articles/deployment-environments/how-to-create-access-environments.md
+1-2Lines changed: 1 addition & 2 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -26,8 +26,7 @@ Creating an environment automatically creates the required resources and a resou
26
26
27
27
Complete the following steps in the Azure CLI to create an environment and configure resources. You can view the outputs as defined in the specific Azure Resource Manager template (ARM template).
28
28
29
-
> [!NOTE]
30
-
> Only a user who has the [Deployment Environments User](how-to-configure-deployment-environments-user.md) role, the [DevCenter Project Admin](how-to-configure-project-admin.md) role, or a [built-in role](../role-based-access-control/built-in-roles.md) that has the required permissions can create an environment.
Copy file name to clipboardExpand all lines: articles/deployment-environments/how-to-create-configure-projects.md
+1-2Lines changed: 1 addition & 2 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -168,8 +168,7 @@ In this quickstart, you give access to your own ID. Optionally, you can replace
168
168
```
169
169
170
170
171
-
> [!NOTE]
172
-
> Only a user who has the [Deployment Environments User](how-to-configure-deployment-environments-user.md) role, the [DevCenter Project Admin](how-to-configure-project-admin.md) role, or a built-in role that has appropriate permissions can create an environment.
> Only users who have the [Deployment Environments User](../how-to-configure-deployment-environments-user.md) role, the [DevCenter Project Admin](../how-to-configure-project-admin.md) role, or a built-in role that has appropriate permissions can create an environment. Users who have the [Deployment Environments Reader](../how-to-configure-deployment-environments-user.md) role can view their own environments, and environments created by others.
Copy file name to clipboardExpand all lines: articles/deployment-environments/overview-what-is-azure-deployment-environments.md
+5-4Lines changed: 5 additions & 4 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -48,17 +48,18 @@ Developers have the following self-service experience when working with [environ
48
48
49
49
### Platform engineering scenarios
50
50
51
-
Azure Deployment Environments helps your platform engineer apply the right set of policies and settings on various types of environments, control the resource configuration that developers can create, and centrally track environments across projects by doing the following tasks:
51
+
Azure Deployment Environments helps your platform engineer apply the right set of policies and settings on various types of environments, control the resource configuration that developers can create, and track environments across projects. They perform the following tasks:
52
52
53
53
- Provide a project-based, curated set of reusable IaC templates.
54
54
- Define specific Azure deployment configurations per project and per environment type.
55
55
- Provide a self-service experience without giving control over subscriptions.
56
56
- Track costs and ensure compliance with enterprise governance policies.
-**Dev Center Project Admin**: Creates environments and manages the environment types for a project.
61
-
-**Deployment Environments User**: Creates environments based on appropriate access.
61
+
-**Deployment Environments User**: Creates environments based on appropriate access.
62
+
-**Deployment Environments Reader**: Reads environments that other users created.
62
63
63
64
64
65
## Benefits
@@ -84,7 +85,7 @@ Use APIs to provision environments directly from your preferred CI tool, integra
84
85
85
86
[Microsoft Dev Box](../dev-box/overview-what-is-microsoft-dev-box.md) and Azure Deployment Environments are complementary services that share certain architectural components. Dev Box provides developers with a cloud-based development workstation, called a dev box, which is configured with the tools they need for their work. Dev centers and projects are common to both services, and they help organize resources in an enterprise.
86
87
87
-
When configuring Deployment Environments, you may see Dev Box resources and components. You may even see informational messages regarding Dev Box features. If you're not configuring any Dev Box features, you can safely ignore these messages.
88
+
When configuring Deployment Environments, you might see Dev Box resources and components. You might even see informational messages regarding Dev Box features. If you're not configuring any Dev Box features, you can safely ignore these messages.
Copy file name to clipboardExpand all lines: articles/deployment-environments/quickstart-create-access-environments.md
+2-3Lines changed: 2 additions & 3 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -30,8 +30,7 @@ In this quickstart, you learn how to:
30
30
31
31
An environment in Azure Deployment Environments is a collection of Azure resources on which your application is deployed. You can create an environment from the developer portal.
32
32
33
-
> [!NOTE]
34
-
> Only a user who has the [Deployment Environments User](how-to-configure-deployment-environments-user.md) role, the [DevCenter Project Admin](how-to-configure-project-admin.md) role, or a [built-in role](../role-based-access-control/built-in-roles.md) that has appropriate permissions can create an environment.
If your environment is configured to accept parameters, you're able to enter them on a separate pane. In this example, you don't need to specify any parameters.
51
+
If your environment is configured to accept parameters, you're able to enter them on a separate pane. In this example, you don't need to specify any parameters.
53
52
54
53
1. Select **Create**. You see your environment in the developer portal immediately, with an indicator that shows creation in progress.
Copy file name to clipboardExpand all lines: articles/deployment-environments/quickstart-create-and-configure-projects.md
+3-3Lines changed: 3 additions & 3 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -78,7 +78,7 @@ To configure a project, add a [project environment type](how-to-configure-projec
78
78
|---------|----------|
79
79
|**Type**| Select a dev center level environment type to enable for the specific project.|
80
80
|**Deployment subscription**| Select the subscription in which the environment is created.|
81
-
|**Deployment identity**| Select either a system-assigned identity or a user-assigned managed identity that's used to perform deployments on behalf of the user.|
81
+
|**Deployment identity**| Select either a system-assigned identity or a user-assigned managed identity to perform deployments on behalf of the user.|
82
82
|**Permissions on environment resources** > **Environment creator role(s)**| Select the roles to give access to the environment resources.|
83
83
|**Permissions on environment resources** > **Additional access**| Select the users or Microsoft Entra groups to assign to specific roles on the environment resources.|
84
84
|**Tags**| Enter a tag name and a tag value. These tags are applied on all resources that are created as part of the environment.|
@@ -108,8 +108,8 @@ Before developers can create environments based on the environment types in a pr
108
108
109
109
:::image type="content" source="media/quickstart-create-configure-projects/add-role-assignment.png" alt-text="Screenshot that shows the Add role assignment pane.":::
110
110
111
-
> [!NOTE]
112
-
> Only a user who has the [Deployment Environments User](how-to-configure-deployment-environments-user.md) role, the [DevCenter Project Admin](how-to-configure-project-admin.md) role, or a built-in role that has appropriate permissions can create an environment.
0 commit comments