Skip to content

Deploying Azure TRE

You are now ready to deploy the Azure TRE instance.

Register Azure Resource Providers

First, register the required Azure resource providers for your subscription:

make register-providers

This step only needs to be run once per Azure subscription and registers the necessary Azure resource providers (Microsoft.Storage, Microsoft.AlertsManagement, Microsoft.Compute) and features (EncryptionAtHost) required by Azure TRE.

Deploy Azure TRE

Execute the all action of the makefile using make:

make all

Deploying a new Azure TRE instance takes approximately 30 minutes.

Once the deployment is completed, you will be presented with a few output variables similar to the ones below:

app_gateway_name = "agw-mytre"
azure_tre_fqdn = "mytre.westeurope.cloudapp.azure.com"
core_resource_group_name = "rg-mytre"
keyvault_name = "kv-mytre"
log_analytics_name = "log-mytre"
static_web_storage = "stwebmytre"

The Azure TRE instance is initially deployed with an invalid self-signed SSL certificate. This certificate needs to be replaced with one valid for your configured domain name. To use a certificate from Let's Encrypt, run the command:

make letsencrypt

Caution

There are rate limits with Let's Encrypt, so this should not be run when not needed.

Info

If you're using Codespaces, you'll encounter a bug when trying to run make letsencrypt where the incorrect IP will be whitelisted on the storage account and Codespaces won't be able to upload the test file due to a 403 error. The workaround until this is fixed is to temporarily disable the firewall on your stweb{TRE_ID} storage account before running the script, then re-enable afterwards.

Validate the deployment

Using curl

Use curl to make a simple request to the health endpoint of the API:

curl https://<azure_tre_fqdn>/api/health

The expected response is:

{
  "services": [
    {
      "service": "Cosmos DB",
      "status": "OK",
      "message": ""
    },
    {
      "service": "Service Bus",
      "status": "OK",
      "message": ""
    },
    {
      "service": "Resource Processor",
      "status": "OK",
      "message": ""
    }
  ]
}

Using the API docs

Open your browser and navigate to the /api/docs route of the API: https://<azure_tre_fqdn>/api/docs and click Try it out on the operation of choice.

Swagger UI

Next steps