Configure Tanzu Dev Tools in the Azure Spring Apps Enterprise plan
Note
The Basic, Standard, and Enterprise plans will be deprecated starting from mid-March, 2025, with a 3 year retirement period. We recommend transitioning to Azure Container Apps. For more information, see the Azure Spring Apps retirement announcement.
The Standard consumption and dedicated plan will be deprecated starting September 30, 2024, with a complete shutdown after six months. We recommend transitioning to Azure Container Apps. For more information, see Migrate Azure Spring Apps Standard consumption and dedicated plan to Azure Container Apps.
This article applies to: ❎ Basic/Standard ✅ Enterprise
This article describes how to configure VMware Tanzu Dev Tools. Dev Tools includes a set of developer tools to help make the development experience easier for both the inner and outer loop. Currently, Dev Tools includes Application Live View and Application Accelerator for use with the Azure Spring Apps Enterprise plan.
Dev Tools Portal is a centralized portal that you can use to access any Dev Tools. You can use Dev Tools Portal to view the applications and services running for your organization. In this article, you learn how to use Dev Tools Portal to configure single sign-on (SSO) and endpoint exposure so that you can get access to any Dev Tools.
Prerequisites
An Azure subscription. If you don't have an Azure subscription, create a free account before you begin.
Understand and fulfill the Requirements section of Enterprise plan in Azure Marketplace.
Azure CLI with the Azure Spring Apps extension. Use the following command to remove previous versions and install the latest extension. If you previously installed the
spring-cloud
extension, uninstall it to avoid configuration and version mismatches.az extension remove --name spring az extension add --name spring az extension remove --name spring-cloud
Custom roles that delegate permissions to Azure Spring Apps resources. For more information, see How to use permissions in Azure Spring Apps.
Configure Dev Tools Portal
Dev Tools Portal supports authentication and authorization using single sign-on (SSO) with an OpenID identity provider (IdP) that supports the OpenID Connect Discovery protocol.
Note
Azure Spring Apps supports only authorization servers that support the OpenID Connect Discovery protocol. Make sure to configure the external authorization server to allow redirects back to the Dev Tools Portal. See your authorization server's documentation and add https://dev-tool-portal-external-url/oauth2/callback
to the list of allowed redirect URIs.
The following table describes SSO properties:
Property | Required? | Description |
---|---|---|
metadataUri |
Yes | The URI of a JSON file with generic OIDC provider configuration. The result is expected to be an OpenID Provider Configuration Response. |
clientId |
Yes | The OpenID Connect client ID provided by your IdP. |
clientSecret |
Yes | The OpenID Connect client secret provided by your IdP. |
scopes |
Yes | A list of scopes to include in JSON Web Token (JWT) identity tokens. This list should be based on the scopes allowed by your identity provider. |
Note
If you configure an SSO property incorrectly, such as providing the wrong password, remove the property and add it again with the correct configuration.
You can configure Dev Tools Portal using the Azure portal or Azure CLI.
Use the following steps to configure Dev Tools Portal using the Azure portal:
- Open the Azure portal.
- Select Developer Tools.
- Select the Configuration tab.
- On the Configuration page, update Scope, Client ID, Client Secret, and Metadata Url, and then select Save.
- Select Assign endpoint to expose the public endpoint.
Assign public endpoint
You can assign a public endpoint using the Azure portal or Azure CLI.
Use the following steps to access Dev Tools Portal and assign a public endpoint:
- Select Developer Tools.
- Select Assign endpoint to assign a public endpoint. Azure Spring Apps generates a URL within a few minutes.
- Save the URL for use later. Application Live View and Application Accelerator will then get their corresponding endpoints.