Edit

Provide access to projects for developers

  • Article

This guide explains how to provide user access for Azure Deployment Environments projects.

In Azure Deployment Environments, development team members must have access to a project before they can create deployment environments. By using the built-in roles, Deployment Environments User and Deployment Environments Reader, you can assign permissions to users or groups at either the project level or the environment type level.

When assigned at the project level, a developer who has the Deployment Environments User role can perform the following actions on all enabled project environment types:

  • View the project environment types.
  • Create an environment.
  • Read, write, delete, or perform actions (like deploy or reset) on their own environment.

A developer who has the Deployment Environments Reader role can:

  • Read environments that other users created.

When you assign a role to specific environment types, the user can perform the actions only on the respective environment types.

Assign permissions to developers for a project

  1. Sign in to the Azure portal and go to Azure Deployment Environments.

  2. Select Projects from the left pane, then choose the project that you want your developers to be able to access.

  3. Select Access control (IAM) from the left pane.

  4. Select Add > Add role assignment.

  5. Assign the following role. For detailed steps, see Assign Azure roles using the Azure portal.

    Setting Value
    Role Select Deployment Environments User.
    Assign access to Select User, group, or service principal.
    Members Select the users or groups you want to have access to the project.

    Screenshot that shows the Add role assignment pane.

The users can now view the project and all the environment types enabled within it. Users who have the Deployment Environments User role can create environments in the developer portal.

Assign permissions to developers for an environment type

  1. Sign in to the Azure portal and go to Azure Deployment Environments.

  2. Select Projects from the left pane, then choose the project that you want your developers to be able to access.

  3. Select Environment types from the left pane, and then select the ellipsis (...) beside the specific environment type.

    Screenshot that shows the environment types associated with a project.

  4. Select Access control.

  5. Select Add > Add role assignment.

  6. Assign the following role. For detailed steps, see Assign Azure roles using the Azure portal.

    Setting Value
    Role Select Deployment Environments User.
    Assign access to Select User, group, or service principal.
    Members Select the users or groups you want to have access to the project.

    Screenshot that shows the Add role assignment pane for environment type.

The users can now view the project and the specific environment type that you granted them access to. Users who have the Deployment Environments User role can also create environments in the developer portal.

Note

Only users who have the Deployment Environments User role, the DevCenter Project Admin role, or a built-in role that has appropriate permissions can create an environment. Users who have the Deployment Environments Reader role can view their own environments, and environments created by others.

Related content