Configure Tanzu Dev Tools in the Azure Spring Apps Enterprise plan

Note

The Basic, Standard, and Enterprise plans will be deprecated starting from mid-March, 2025, with a 3 year retirement period. We recommend transitioning to Azure Container Apps. For more information, see the Azure Spring Apps retirement announcement.

The Standard consumption and dedicated plan will be deprecated starting September 30, 2024, with a complete shutdown after six months. We recommend transitioning to Azure Container Apps. For more information, see Migrate Azure Spring Apps Standard consumption and dedicated plan to Azure Container Apps.

This article applies to: ❎ Basic/Standard ✅ Enterprise

This article describes how to configure VMware Tanzu Dev Tools. Dev Tools includes a set of developer tools to help make the development experience easier for both the inner and outer loop. Currently, Dev Tools includes Application Live View and Application Accelerator for use with the Azure Spring Apps Enterprise plan.

Dev Tools Portal is a centralized portal that you can use to access any Dev Tools. You can use Dev Tools Portal to view the applications and services running for your organization. In this article, you learn how to use Dev Tools Portal to configure single sign-on (SSO) and endpoint exposure so that you can get access to any Dev Tools.

Prerequisites

  • An Azure subscription. If you don't have an Azure subscription, create a free account before you begin.

  • Understand and fulfill the Requirements section of Enterprise plan in Azure Marketplace.

  • Azure CLI with the Azure Spring Apps extension. Use the following command to remove previous versions and install the latest extension. If you previously installed the spring-cloud extension, uninstall it to avoid configuration and version mismatches.

    az extension remove --name spring
    az extension add --name spring
    az extension remove --name spring-cloud
    
  • Custom roles that delegate permissions to Azure Spring Apps resources. For more information, see How to use permissions in Azure Spring Apps.

Configure Dev Tools Portal

Dev Tools Portal supports authentication and authorization using single sign-on (SSO) with an OpenID identity provider (IdP) that supports the OpenID Connect Discovery protocol.

Note

Azure Spring Apps supports only authorization servers that support the OpenID Connect Discovery protocol. Make sure to configure the external authorization server to allow redirects back to the Dev Tools Portal. See your authorization server's documentation and add https://dev-tool-portal-external-url/oauth2/callback to the list of allowed redirect URIs.

The following table describes SSO properties:

Property Required? Description
metadataUri Yes The URI of a JSON file with generic OIDC provider configuration. The result is expected to be an OpenID Provider Configuration Response.
clientId Yes The OpenID Connect client ID provided by your IdP.
clientSecret Yes The OpenID Connect client secret provided by your IdP.
scopes Yes A list of scopes to include in JSON Web Token (JWT) identity tokens. This list should be based on the scopes allowed by your identity provider.

Note

If you configure an SSO property incorrectly, such as providing the wrong password, remove the property and add it again with the correct configuration.

You can configure Dev Tools Portal using the Azure portal or Azure CLI.

Use the following steps to configure Dev Tools Portal using the Azure portal:

  1. Open the Azure portal.
  2. Select Developer Tools.
  3. Select the Configuration tab.
  4. On the Configuration page, update Scope, Client ID, Client Secret, and Metadata Url, and then select Save.
  5. Select Assign endpoint to expose the public endpoint.

Assign public endpoint

You can assign a public endpoint using the Azure portal or Azure CLI.

Use the following steps to access Dev Tools Portal and assign a public endpoint:

  1. Select Developer Tools.
  2. Select Assign endpoint to assign a public endpoint. Azure Spring Apps generates a URL within a few minutes.
  3. Save the URL for use later. Application Live View and Application Accelerator will then get their corresponding endpoints.

Next steps