Skip to content

Post Deployment tasks

Jump to bottom
Ken Hoover edited this page Jun 22, 2023 · 2 revisions

Post-Deployment Configuration

This section discusses the configuration that needs to be done on the SRE after a successful deployment.

Configure the Connection to M365 for Sending Approval Emails

This task is needed to authorize the SRE automation to use your M365 environment to send email to the approver when a data movement request is made.

To perform the authorization, follow these steps:

  1. Log into the Azure portal as the user who will be the approver for the SRE.

  2. Select the subscription that contains the SRE (click on the gold key on the "Home" page to see a list of subscriptions).

  3. Click on "Resource Groups" on the left side

  4. Find the resource groups in the lists which have the name, environment and identifier for the SRE instance that you just deployed and click on the one that has "storage" in the name like arllab-storage-rg-prd-eastus-01

  5. In the list of resources, look for api-office365 and click on it.
    api-office365 connector

  6. There should be a warning at the top of the screen that opens that says "Test Connection failed" near the top of the screen. Click on the error message to open the "Edit API connection" screen.
    Test Connection Failed

  7. Click on the large "Authorize" button and follow the prompts to authorize the connection. You will be asked to authenticate to Office365. Use the same account that you used to log into the Azure portal.

  8. When the authorization is complete, click on the "Save" button at the bottom of the screen.

  9. After a few seconds you should get a success message in the top right corner of the Azure portal saying that the API configuration change was successful.
    API Update Success

Configure Azure Virtual Desktop Access for your SRE

If you selected "No" when asked if you wanted to add Azure Virtual Desktop to access the enclave then you can skip this section.

This section describes how to configure your Azure Virtual Desktop environment to make the SRE visible to authorized users. Users who are not granted access will not see the option to connect to this SRE instance in their AVD environment.

Follow these steps:

  1. Log into the Azure portal as the user who will be the approver for the SRE.
  2. Select the subscription that contains the SRE (click on the gold key on the "Home" page to see a list of subscriptions).
  3. Click on "Resource Groups" on the left side
  4. Find the resource group in the lists which have the name, environment and identifier for the SRE instance that you just deployed and click on the one that has "access" in the name like arllab-access-rg-prd-eastus-01
  5. In the list of resources, look for an object of type Application Group with a name like arllab-ag-prd-eastus-01 and click on it.
    Applicatioon Group
  6. Click on Assignments in the left menu.
    Assignments Button
  7. Click on the Add button at the top of the screen
  8. In the panel that opens on the right, type the name of a group containing the people who need to access this SRE environment. When it appears, click on it so it jumps to the "Selected Items" area in the lower half of the screen. If you don't have a group, you can list individual users as well - just enter them and select them one at a time. Using groups is strongly recommended. If you don't have a group with the correct people in it, your IT team should be able to create one for you easily.
  9. When the correct groups/users are all in the "Selected Items" section, click "Select" at the bottom to save them. After a few moments they should appear in the list of assignments.
  10. If the list is correct, click the "X" in the top right corner to close the panel.
Clone this wiki locally