Adding a custom read-only group

  • Last update on May 30th, 2025

Configuration Manager SaaS is hosted on CoreView's cloud infrastructure, so no access to Azure DevOps required. This article does not apply to Configuration Manager SaaS.

 

If you would like to create a custom group for read-only users, do the following:

Step 1: Azure DevOps

Step 2: create the new group

  • Select the project containing the desired tenants > “Project Settings” > “Permissions
  • Add a “New Group
  • Select the newly created group and edit the following:
    • Under “Permissions”, set View permissions for this node to “Allow
    • Under “Members”, add users you would like to have read-only access
    • Ensure under “Member of”, “Project Valid Users” is added

Step 3: associate the group to the project

  • Select the project containing the desired tenants > “Project Settings
  • Select “Repositories
    • Under “All Repositories”, select the “Security” tab. Use the search bar to add the group in question.
    • Set permissions accordingly. 
      For read-only, you will need to set the following scopes to “Allow”: read, contribute to pull requests

Step 4: associate the group to the pipeline

  • Select the project containing the desired tenants > “Pipelines
    • Select the “More Options” (three dots in top right) > “Manage security
    • Use the search bar to add the group you created earlier
    • Set permissions accordingly. 
      For read-only, you will need to set the following scopes to “Allow”: view builds, view build pipelines

Step 5: ensure the custom group has appropriate access to the DevOps service connections

  • Select the project containing the desired tenants > “Project Settings” > “Service connections
  • Do the following for both simeoncloud and simeoncloud-packages
    • Click the three dots in the top right corner > “Security
    • Ensure the custom group is added with User-level access