How to create access control (IAM) with Dynamics deployment service

Olumide Akorede 0 Reputation points
2023-07-21T12:57:32.22+00:00

LCS deployment service to work on the azure subscription through Azure connectors

Azure Role-based access control
Azure Role-based access control
An Azure service that provides fine-grained access management for Azure resources, enabling you to grant users only the rights they need to perform their jobs.
884 questions
0 comments No comments
{count} votes

1 answer

Sort by: Most helpful
  1. Marilee Turscak-MSFT 37,141 Reputation points Microsoft Employee
    2023-07-21T19:05:22.54+00:00

    Hi @Olumide Akorede ,

    Before setting up the Azure deployment service, note that you need to complete the prerequisites of creating an LCS project , being signed in with an account that has Azure tenant global administrator rights and subscription Owner permissions, and having a valid billable Azure subscription.

    To get the LCS deployment service to work on the Azure subscription, you need to follow the steps in How to create access control (IAM) with Dynamics deployment service:

    First, you need to grant admin consent by going to the ALCS project > Environments section > Microsoft Azure settings > Project settings > Azure connectors > Authorize .

    Next, you need to Provide Dynamics Deployment Services access to your Azure subscription

    1. Go to Microsoft Azure billing and select your subscription. Dynamics Deployment Services needs to access this subscription to be able to deploy environments.Azure Subscription Details.
    2. Select Access control (IAM) in the navigation pane, and then select Add role assignment.
    3. In the slider on the right side, select Contributor role, and in the list provided, find and select Dynamics Deployment Services.
    4. Select Save.

    Then, you need to Add a subscription connector to an LCS project:

    1. In your LCS project, on the Microsoft Azure settings page, select Add to add a new connector.
    2. Enter your Azure subscription ID. You can find your Azure subscription ID in the Azure portal, under Settings in the lower left of the screen.
    3. In the Configure to use Azure Resource Manager field, select Yes.
    4. Make sure Azure's Subscription AAD Tenant Domain matches the domain-owning Azure subscription that you are using, and select Next.
    5. On the Microsoft Azure Setup screen, select Next to confirm. If you receive an error on this screen, return to the section Provide Dynamics Deployment Services access to Azure subscription in this article and make sure you have completed all of the steps.
    6. Download the Azure Management Certificate to a local folder on your computer. Ask your Azure subscription administrator to upload the certificate to Azure Management Portal by selecting the subscription and going to Settings > Management Certificates. This certificate enables LCS to communicate with Azure on your behalf. You can skip this step if your user has access to the subscription.
    7. Select Next.
    8. Select the Azure region to deploy in and select a data center that is close to where you plan to use this system.
    9. Select Connect.

    If you run in to any specific issues or errors, feel free to share those here and I will gladly help troubleshoot.

    If the information helped you, please Accept the answer. This will help us as well as others in the community who may be researching similar issues.

    0 comments No comments

Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.