Prerequisites
- Organization Owner in Azure DevOps
- Administrator Access in Vanta
- Third-party applications access via OAuth is enabled
Procedure
- From the left-hand navigation panel, select Integrations
- Select the Available tab, and search for Azure DevOps
- Select Connect
-
A pop-up modal will appear with instructions to verify your permissions, and to configure read/write or read only access. Select Connect Azure DevOps when you are ready to proceed
Common Issues
Depending on the number of resources, it may take some time for them to populate. You should see a message confirming they are loading, which can be left to run in the backgroundTo check that you have enabled access to third-party applications via OAuth, navigate to your organization's Settings page. Then, in the sidebar, under the "Security" section. Go to the "Policies" page. Under "Application connection policies", Third-party application access via OAuth should be enabled.
If no resources are visible when the scan has finished, please check the following:
- Navigate to the DevOps home page and confirm you can see "Organization Settings". If not, you will need to verify you're using an account that is the "organization" owner.
- Please ensure that the user is a project admin using the instructions from Azure's support article here
- To check that you have enabled access to third-party applications via OAuth, navigate to your organization's Settings page. In the sidebar, under the "Security" section. Go to the "Policies" page. Under "Application connection policies", Third-party application access via OAuth should be enabled.
- Ensure the project's Version Control is 'Git'. Vanta does not support TFVC at the moment.
Updated