Azure VPC Setup
Step-by-step guide for setting up Devin in your Azure VPC
Devin Azure VPC Deployment Guide
To enhance deployment efficiency, we recommend utilizing Terraform for automation. Please reach out to us with your GitHub details so that we can provide access to the relevant repository.
Alternatively, if Terraform deployment is not feasible, the following section outlines the prerequisites for the Devin VPC deployment along with the manual steps required to provision the infrastructure.
Networking Requirements
Note that manual configuration of the networking components is necessary. You may refer to our provided resources for guidance.
Deployment Steps
Setup Instances for Running VMs
Devin requires a host instance to run isolated virtual machines for each session.
Instance Requirements
Requirement | Details |
---|---|
Instance Type | Metal instances (Lasv3 ) |
Operating System | Ubuntu 24.04 |
Instance Sizing | - 2 vCPUs, 8GB RAM, 128GB Storage - 8 vCPUs, 32GB RAM, 128GB Storage |
Note | The instance size determines the maximum number of concurrent Devin sessions. |
Recommendation | We recommend Standard_L80as_v3 as a baseline. |
You can horizontally scale by adding more host instances to increase Devin’s capacity.
Security Group Rules
Configuration | Details |
---|---|
VPC Setup | Configure the VPC and Security Group rules |
Required Firewall Rules | Outbound 443 Internet Access to: |
frp-server-0.devin.ai | |
static.devin.ai | |
api.devin.ai |
General internet access is highly recommended but not mandatory.
Setup Storage for VMs
When Devin sessions are suspended, their state is compressed and stored in Azure Blob Storage.
Step 2.1: Grant Admin Consent
-
Open the following URL in your browser:
-
Log in as an Entra ID (Azure AD) Admin and grant consent to the Devin Enterprise App.
Step 2.2: Create a Storage Account
- In the Azure Portal, search for and select Storage Accounts.
- Click + Create.
- Set the following details:
-
Subscription: Choose your subscription
-
Resource Group: Select the resource group
-
Storage Account Name: Enter
(Replace
${CUSTOMER_NAME}
and${REGION}
with actual values) -
Region: Choose your preferred region
-
Performance: Standard
-
Redundancy: Zone-Redundant Storage (ZRS)
-
- Click Review + Create, then Create.
- Once created, navigate to your Storage Account → Settings → Resource Sharing (CORS).
- Add a row with the following values:
- Allowed Origins:
*
- Allowed Methods:
GET
- Allowed Headers:
*
- Allowed Origins:
- Click Save.
Step 2.3: Create a Managed Identity
- Navigate to Managed Identities in the Azure Portal and click + Create.
- Set the following details:
- Subscription: Choose your subscription
- Resource Group: Select the resource group where the Devin VMs were created
- Region: Select the region containing the Devin VMs
- Name:
devin-vm-identity
- Click Review + Assign.
- Visit the resource page for the Devin VMs created above and click Security → Identity in the sidebar.
- Select the User Assigned tab and click Add User Assigned Managed Identity.
- Search for
devin-vm-identity
and click Add. - Repeat steps 4-6 for any new VMs created.
Register Host Runner
Run the following command to register the host runner:
Cognition will share your AUTH_TOKEN separately. Once setup is complete, Devin will be ready to start sessions in your VPC environment.
If user devices have a firewall, whitelist the following URLs:
app.devin.ai
api.devin.ai
*.devinapps.com
Firewall: Requirements
If your organization has a firewall, whitelist the following URLs to allow Devin to function properly:
app.devin.ai
api.devin.ai
*.devinapps.com
Sample Azure WAF Rules: