How to Add Dev Team and Resources to Azure Dev and Prod Environment

Migrating applications to Microsoft Azure requires careful planning of resources and secure access for your development team. In this guide, we’ll walk you through how to size resources, set up separate development and production environments, and give your team the right access using Azure Migrate and RBAC (Role-Based Access Control).

Step 1: Plan Resources with Azure Migrate

The first step in any Azure migration is understanding the current workload. Azure Migrate helps you scan your existing infrastructure and recommends the right VM sizes, storage, and other resources.

How to do it:

1. Log in to Azure Portal.
2. Search for Azure Migrate and create a new project.
3. Download and deploy the Azure Migrate appliance in your current environment.
4. Run a discovery scan to collect CPU, RAM, disk, and network utilization.
5. Review the assessment report, which recommends Azure VM sizes and specifications.

This ensures your dev and prod resources in Azure match (or improve on) your current setup.

Step 2: Create Separate Dev and Prod Environments

Keeping development and production isolated is a best practice to avoid downtime and cost overruns.

How to do it:

1. In Azure Portal, create two Resource Groups:
   • RG-AppName-Dev
   • RG-AppName-Prod
2. Deploy resources (VMs, storage, databases, load balancers) in the right group.
3. Apply naming conventions (e.g., vm-app-dev-eastus, vm-app-prod-eastus) for clarity.
4. Use Azure Policy to enforce standards like VM size restrictions or approved regions.

Step 3: Add Development Team to Azure

Your dev team needs controlled access to these environments. Azure AD and RBAC make this easy.

How to do it:

1. Go to Azure Active Directory > Users.
   • Add team members or invite them as guest users.
2. Create security groups in Azure AD:
   • DevTeamGroup → will have Contributor access to Dev.
   • OpsTeamGroup → will have Reader/Contributor access to Prod.
3. Assign roles at the Resource Group level:
   • Dev group → Contributor on RG-AppName-Dev.
   • Ops group → Reader (or stricter role) on RG-AppName-Prod.

Tip: Only give production write access to trusted admins; keep developers limited to Dev.

Step 4: Enable CI/CD for Safer Access

Instead of allowing developers to deploy directly in production, use automation.

• Azure DevOps Pipelines or GitHub Actions can push changes from Dev → Prod.
• Developers commit code, pipelines build/test it in Dev, then promote to Prod with approvals.

Step 5: Secure and Monitor Resources

1. Use Azure Monitor and Application Insights for performance monitoring.
2. Set up Azure Backup and Site Recovery for production workloads.
3. Apply NSGs and firewalls to restrict external traffic.
4. Track costs separately for Dev and Prod using Azure Cost Management.

By using Azure Migrate for right-sizing resources, creating separate dev/prod groups, and applying RBAC, you can ensure a secure and efficient migration. With proper monitoring and CI/CD, your development team can innovate safely without impacting production.