If you would like to create a custom group for read-only users, do the following:
Step 1: Azure DevOps
- Navigate to Azure DevOps
Step 2: create the new group
- Select the project containing the desired tenants > “Project Settings” > “Permissions”
- Add a “New Group”
- Select the newly created group and edit the following:
- Under “Permissions”, set View permissions for this node to “Allow“
- Under “Members”, add users you would like to have read-only access
- Ensure under “Member of”, “Project Valid Users” is added
Step 3: associate the group to the project
- Select the project containing the desired tenants > “Project Settings”
- Select “Repositories”
- Under “All Repositories”, select the “Security” tab. Use the search bar to add the group in question.
- Set permissions accordingly.
For read-only, you will need to set the following scopes to “Allow”:read, contribute to pull requests
Step 4: associate the group to the pipeline
- Select the project containing the desired tenants > “Pipelines”
- Select the “More Options” (three dots in top right) > “Manage security”
- Use the search bar to add the group you created earlier
- Set permissions accordingly.
For read-only, you will need to set the following scopes to “Allow”:view builds, view build pipelines
Step 5: ensure the custom group has appropriate access to the DevOps service connections
- Select the project containing the desired tenants > “Project Settings” > “Service connections“
- Do the following for both
simeoncloudandsimeoncloud-packages- Click the three dots in the top right corner > “Security”
- Ensure the custom group is added with
User-levelaccess