Overview

To improve ease of deployment, we recommend deploying via Terraform. Please contact us with your Github so we can share the repository.

If you’re opposed to that, the following outlines the requirements for the Devin VPC deployment and the manual steps to provision the infrastructure.

Networking must be configured manually, so feel free to reference our materials.

1

Setup Instances for Running VMs

RequirementDetails
Instance TypeMetal instances (Lasv3 instances with Security Type standard)
Operating SystemUbuntu 24.04
Instance Sizing- 2vCPUs, 8GB RAM, 128GB Storage
- 8vCPUs, 32GB RAM, 128GB Storage

The appropriate size can be configured depending on use-case.

The host instance size determines the maximum capacity of concurrent Devin sessions.

ProviderRecommended InstanceMinimum Baseline
AzureStandard_L80as_v3Standard_L48as_v3

You may also horizontally scale the number of hosts running to increase your Devin capacity.

Security Group Rules

ConfigurationDetails
VPC SetupConfigure the VPC and Security Group rules
Required Firewall RulesOutbound 443 internet access to:
frp-server-0.devin.ai
static.devin.ai
api.devin.ai

General internet access is highly recommended, but not mandatory.

2

Setup Storage for VMs

When Devin sessions are suspended, their state is compressed and stored. We store these in blob-storage.

1

Grant Admin Consent

  1. Open the following URL in your browser:
https://login.microsoftonline.com/organizations/adminconsent?client_id=854d72e1-0257-44f3-9df1-4ed0cc8b89a7
  1. Log in as an Entra ID (Azure AD) admin and grant consent to the Devin Enterprise App.
2

Create Storage Account

  1. In the Azure Portal, search for and select Storage accounts
  2. Click + Create
  3. Set the following:
    • Subscription: Choose your subscription
    • Resource group: Select the resource group
    • Storage account name: Enter devin${CUSTOMER_NAME}${REGION} (replace ${CUSTOMER_NAME} and ${REGION} with your values)
    • Region: Choose your desired region
    • Performance: Standard
    • Redundancy: Zone-redundant storage (ZRS)
  4. Click Review + create and then Create
  5. Once created, navigate to your storage account and select Settings -> Resource sharing (CORS)
  6. Add a row with:
    • Allowed Origins: *
    • Allowed Methods: GET
    • Allowed Headers: *
  7. Click Save
3

Create Managed Identity

  1. Navigate to the Managed Identities and click on + Create
  2. Set the following:
    • Subscription: Choose your subscription
    • Resource group: Select the resource group where the Devin VMs were created
    • Region: Select the region which contain the Devin VMs
    • Name: devin-vm-identity
  3. Click Review + assign
  4. Visit the resource page for the Devin VMs created above and click on Security > Identity in the sidebar
  5. Select the User assigned tab, and click Add user assigned managed identity
  6. Search for devin-vm-identity and click Add
  7. Repeat steps 4-6 for any new VMs created
3

Register Host Runner

Run the following command:

curl -sSL https://api.devin.ai/hypervisor/setup?token=AUTH_TOKEN -o setup.sh && bash setup.sh

We will share with you the AUTH_TOKEN separately. When the setup is complete, Devin should be ready to start sessions in your VPC environment.

4

Firewall: Requirements

If user devices have a firewall, whitelist the following URLs:

    • app.devin.ai
    • api.devin.ai
    • *.devinapps.com

Sample Azure WAF Rule

Enterprise SecurityAWS VPC Setup