Task 04: Create Environments
DOCUMENT CATEGORY: Runbook Step
SCOPE: Deployment environment creation
PURPOSE: Create deployment environments for infrastructure automation MASTER REFERENCE: Azure Pipelines Environments
Status: Active
Objective
Create deployment environments to manage infrastructure using IaC and automation. Environments provide deployment targets with optional protection rules and approval gates.
Prerequisites
- Project settings configured (Task 03)
- Admin / Maintainer role on the project
Environment Naming Convention
Use consistent naming across all platforms:
| Cloud/Service | Example Names |
|---|---|
| Azure Production | azr-prod-us, azr-prod-eu |
| Azure Development | azr-dev-us |
| Azure Staging | azr-staging |
Procedure
- GitHub
- GitLab
- Azure DevOps
Create Environments
- Navigate to Settings → Environments
- Click New environment
- Enter the environment name (e.g.,
azr-prod-us) - Click Configure environment
Configure Protection Rules
For production environments, add protection rules:
| Setting | Value |
|---|---|
| Required reviewers | ✅ Add 1–2 required reviewers |
| Wait timer | Optional — add delay before deployment (minutes) |
| Deployment branches | main only (select Selected branches → add main) |
Repeat for each environment in the naming convention table above.
GitHub Environments integrate with GitHub Actions via the environment: key in workflow YAML. Protection rules automatically gate deployments.
References: GitHub — Using environments for deployment
Create Environments
- Navigate to the project in GitLab
- Select Operate → Environments
- Click New Environment
- Enter the environment name (e.g.,
azr-prod-us) - Leave External URL blank
- Click Save
Repeat for each environment in the naming convention table above.
Configure Protection (Optional)
For production environments:
- Navigate to Settings → CI/CD → Protected Environments
- Select the environment
- Set Allowed to deploy to the appropriate role or group
GitLab Environments are referenced in .gitlab-ci.yml via the environment: keyword. Protected environments require approval before deployment jobs run.
References: GitLab — Environments and deployments
Create Environments
- Navigate to Pipelines → Environments
- Click New environment
- Enter the environment name (e.g.,
azr-prod-us) - Select None for Resource (environments are used as deployment targets)
- Click Create
Repeat for each environment in the naming convention table above.
Configure Approvals and Checks
For production environments:
- Open the environment → click ⋮ (more options) → Approvals and checks
- Add Approvals:
- Add 1–2 required approvers
- Set timeout (e.g., 72 hours)
- Optionally add Branch control:
- Allowed branches:
refs/heads/main
- Allowed branches:
Azure DevOps Environments are referenced in YAML pipelines via the environment: key in deployment jobs. Approvals and checks automatically gate deployments.
References: Azure DevOps — Create and target an environment
Verification
- Environment created for each deployment target
- Environment names follow naming convention
- Production environments have protection rules / approval gates configured
Next Steps
Configure Environment Variables
References
- GitHub — Using environments for deployment
- GitLab — Environments and deployments
- Azure DevOps — Create and target an environment
Variables from variables.yml
| Variable | Config Path | Example |
|---|---|---|
| Environment Names | cicd.environments[].name | dev, staging, production |
| Approval Required | cicd.environments[].approval_required | true |
| Approvers | cicd.environments[].approvers | platform-team@contoso.com |
Scripts for this task are located in the azurelocal-toolkit repository under scripts/deploy/ in the appropriate task folder.
Alternatives
The procedures in this task use the scripted methods shown in the tabs above. Additional deployment methods including Azure CLI and Bash scripts are available in the azurelocal-toolkit repository under scripts/deploy/.
| Method | Description |
|---|---|
| Azure CLI | PowerShell-based Azure CLI scripts for Azure resource operations |
| Bash | Linux/macOS compatible shell scripts for pipeline environments |
Navigation
| Previous | Up | Next |
|---|---|---|
| ← Task 03: Configure Project Settings | Phase 01: CI/CD Setup | Task 05: Configure Environment Variables -> |
Troubleshooting
| Issue | Cause | Resolution |
|---|---|---|
| Environment creation fails | Insufficient permissions | Verify user has environment creation rights |
| Approval gates not configuring | Environment policy restrictions | Check organization-level environment policies |
Version Control
| Version | Date | Author | Changes |
|---|---|---|---|
| 1.0.0 | 2025-03-25 | Azure Local Cloud | Initial release |