Azure Landing Zones Documentation
Home GitHub Issue Toggle Dark/Light/Auto mode Toggle Dark/Light/Auto mode Toggle Dark/Light/Auto mode Back to homepage
  1. Azure Landing Zones Documentation
  2. /
  3. Accelerator
  4. /
  5. User Guide
  6. /
  7. Phase 1 - Prerequisites
  8. /
  9. Azure DevOps
Edit page

Azure DevOps

This section details the prerequisites for Azure DevOps.

Azure DevOps Prerequisites

When you first create an Azure DevOps organization, it will not have any Microsoft-hosted agents available. If you intend to use Microsoft-hosted agents, you must either license your org or request a free pipeline.

  1. Setup billing for your organization: Set up billing for your organization
  2. Check for and request a free pipeline via the form here: Configure and pay for parallel jobs

If you choose the billing option, you’ll then need to purchase at least one parallel pipeline. You can do this by following the instructions here: Configure and pay for parallel jobs.

Azure DevOps Personal Access Token (PAT)

This first PAT is referred to as token-1.

  1. Navigate to dev.azure.com and sign in to your organization.
  2. Ensure you navigate to the organization you want to deploy to.
  3. Click the User settings icon in the top right and select Personal access tokens.
  4. Click + New Token.
  5. Enter Azure Landing Zone Terraform Accelerator in the Name field.
  6. Alter the Expiration drop down and select Custom defined.
  7. Choose tomorrows date in the date picker.
  8. Click the Show all scopes link at the bottom.
  9. Check the following scopes:
    1. Agent Pools: Read & manage
    2. Build: Read & execute
    3. Code: Full
    4. Environment: Read & manage
    5. Graph: Read & manage
    6. Pipeline Resources: Use & manage
    7. Project and Team: Read, write & manage
    8. Service Connections: Read, query & manage
    9. Variable Groups: Read, create & manage
  10. Click Create.
  11. Copy the token and save it somewhere safe.
  12. Click Close.

If you are using self-hosted runners, you will need to create a second PAT that we’ll refer to as token-2 for them. You can do this by following the steps above with the following differences:

  1. Select the maximum value for the Expiration field (this allows up to 1 year).

    You may want to set a shorter expiration date for security reasons. In either case, you will need to have a process in place to extend expiration the token before it expires.

  2. Select only the Agent Pools: Read & manage scope.

gdoc_arrow_left_alt Platform Subscriptions and Permissions GitHub gdoc_arrow_right_alt