Do you guys know how to dynamically manage (scripts, API, off-the-shelf solution...) the replacement of members coming from Azure AD with proprietary rights in Azure DevOps organizations and also in Azure DevOps projects (which are inside these organizations)
Thanks for your(s) answer(s)
Related
can you please help us with the best practices in terms of managing the organization interms of Azure Devops.
Is it suggested to use two different Azure Devops organization for Development and Production.
How the mobility of resources between organization is supported?
How the resources(pipelines,repos,testplans,boards) can be shared accros organization in Azure Devops?
what is the microsoft recommendations of maintaining the multiple Azure Devops Organizations?
There are very few cases to create multiple Azure devops organizations since you can delegate access through project collection administrators to multiple projects. The main reason to create a separate org is for legal or administrative requirements where the two sets of repos/board/pipelines need to be separated and can't have a shared org administrator.
https://github.com/MicrosoftDocs/azure-devops-docs/blob/master/docs/user-guide/plan-your-azure-devops-org-structure.md
I would like to have some Azure DevOps organisation specific configuration settings that can be consumed by Azure Pipelines. So far I have only seen the "library" which is project specific.
Is there anything that I can use on an organisation level?
Thank you
I am afraid there is no out-of-the-box option in azure devops to set the variable group on organization level, variable groups is in Team project level.
Until now, in our official feature suggestion for Azure Devops forum, there has been a such suggestion exist in it: Library of Variable and Task groups shared between all projects. You can comment and vote it there. Our PM and Product Group are reviewing these suggestion regularly and considering take it as plan.
As a workaround, you can use the Azure Key Vault task to pull data from Azure Key Vault. You can have as many Vaults as you like and use in one or all projects.
I have just set up an Azure Devops account and tried to create organizations for the companies I work for. Both names had been taken, which surprised me. We have GitHub organizations with the same names, so need the same names for the Devops pipelines. Is it possible that Azure Devops sees these names as taken because GitHub organizations exist with the same names? If not, is there anyway of finding out who owns the Azure Devops organizations to see if they are active?
First
The names don't have to be the same, your GitHub organization and your Azure DevOps organization can each have their own name. You can even connect multiple Azure DevOps organizations to the same GitHub or connect multiple GitHub repositories to a single Azure DevOps.
Second
There is no relation between Azure DevOps Organization names and GitHub. An org on one won't reserve the name on the other platform or vice versa.
Third
You can contact Azure support to have them contact the owners of the organizations. If you are lucky, the organizations are already connected to your AAD, in which case support can reset the owner. If the account is owned by a MSA or a different company, things will be a bit harder.
I have the need to be able to create completely new Azure DevOps organizations from scratch. I have tried with azure devops cli but there just seems to be no way to do it.
I already checked MS documentation but it only mentions the manual way through a browser to do so.
Is this even possible?
Is this even possible?
As far as I know it is not possible to create organizations in Azure DevOps programmatically. You can create Projects, Work Items or Teams through Rest API but not Organizations.
In addition, please also refer to Use Azure DevOps REST API to Delete organizations / accounts? Where you can see there isn't a way to automate delete an organization currently too.
I have been struggling to find a guidance or best practice documentation for new Azure Tenant who want to start the Azure DevOps Service journey.
The Azure DevOps documentation is created in a piece meal approach and there is no proper documentation about such guidance and it is maddening to scan through several Azure DevOps product/feature to figure out the content I wanted.
From the documentation, I understand that one needs to create Azure Organization and project structure etc. and then users within the AAD (Company's MAC tenant) can be added to Organization or at project level to collaborate.
But if I am a new Organization or Entity that has just acquired a Azure Commercial Cloud subscription then what are the guidelines to setup my Azure DevOps organization?
E.g. Do I have to be a Global Admin of my Azure Commercial
Subscription to first start the Azure DevOps Organization? Or can I be
a Admin for Dev/Test Subscription and then start the Azure DevOps
Organization? Can I use my Dev/test subscription to create Azure
DevOps organization? What are some limitation or restruction with regard to my Azure Subscription in terms of ability to create Azure DevOps organization? What roles are advised to initiate the Organization creation process?
Where is the guidance documentation or best practice documentation around it so we can put a proper governance structure on Azure DevOps - organization/project and users etc.
Here are some high level prerequisite for setting up Azure DevOps Service:
You must have a tenant in Azure Commercial or Public Cloud. You can still deploy and build on other cloud or on-premise. You need public cloud to host your DevOps Org and project configuration and optionally to host the git based code repo.
You need a Subscription in Azure Public cloud tenant
You will need a user with Account Admin, Service Admin or Subscription Admin level privileges to create first DevOPs Organization
After creating the DevOps Organization, Users (scrum master, Managers, developers and testers ) can be invited to these organization from DevOps Organization settings
Users who have Visual Studio (VS) Enterprise licenses will see most of the features in the Azure DevOps Service Organization. So having a Visual Studio Enterprise or professional license subscription is useful and these users are counted as free for Azure DevOps service user pool. These VS license already come with benefit attached and part of those benefit is the access to Azure DevOps service.
It will be greatly beneficial for Admin team (devOps Org management team) to try to understand how Azure DevOps Service Access levels and permission works and how they are mapped to different Visual Studio licenses and how to configure these access for different role of users. You can find useful information in this regard on AzureDocs.
You do not need to have Visual Studio license (it is optional) to use Azure DevOps Service. By default Azure DevOps service is free for small team of 5 developers with limited access to features. So small organization can immediately start using it within their Enterprise Account or Pay-as-you-go subscription. You can add users to your Azure DevOps Service organization irrespective of if they have VS licenses and you can pay for their subscription on a monthly basis.
Also, I will highly recommend training course from Microsoft Learn website on Azure DevOps Service to get excellent understanding of prerequisite and features of Azure DevOps Service. Just search for DevOps keyword and you will find number of courses with different modules that will provide step by step instructions on setting up your first Azure DevOps Service Organization to integrating with GitHub and building pipeline, static code analysis etc.