Installing Sidra via the Azure Portal¶

This guide explains how to deploy Sidra into your Azure subscription using the Azure Portal. This is the recommended method for most scenarios. For more advanced or customized setups, see the Advanced Deployment Scenarios.

Overview of the Deployment Process¶

Sidra is deployed in two main stages:

1. A bootstrap resource group is created. This group hosts the bootstrapper, a web-based interface that initiates and guides the deployment process.
2. After configuration, the bootstrapper deploys the Sidra environment into a dedicated managed resource group.

Each bootstrapper manages one Sidra environment (e.g., development, test, production), and multiple environments can coexist in the same Azure subscription.

Deployment Flow¶

1. Deploy the bootstrapper using the Azure Portal into a new or existing resource group.
2. Configure the Sidra environment using the bootstrapper's web UI. This step launches the deployment of the core managed resource group and the Supervisor service.
3. Access the Supervisor once it's deployed to continue installing the remaining Sidra services and infrastructure.

Installation Walkthrough¶

The next sections provide a step-by-step guide to deploying a new Sidra environment using the Azure bootstrapper.

Deploying the Bootstrapper¶

Sidra environments are deployed using a lightweight installer known as the Sidra Bootstrapper, which is provisioned through a Managed Application hosted by Sidra on Microsoft Azure.

To deploy the Bootstrapper, you will need to provide a few configuration parameters. These do not yet affect your Sidra services or data — they are used exclusively to provision the initial deployment infrastructure.

For this tutorial, we’ll deploy a new Sidra environment called Tutorial, using the following values:

• Subscription: Demos
• Resource Group: Sidra.Bootstrap
• Region: West US 3
• Installer Name: sidra-bootstrap-tutorial-20250515171300
• Application Name: Tutorial
• Application Resources RG Name: Sidra.Tutorial

Once the Managed Application has been deployed, click Go to resource to open its configuration screen. You’ll see a brief explanation of how to access the Bootstrapper Web UI.

The most direct way to launch the interface is by navigating to: Settings → Parameters and Outputs
Then, copy the URL shown under the containerUri field in the Outputs section.

Configuring the Bootstrapper¶

Now that we have the bootstrapper properly deployed, we need to set it up and to ensure we satisfy all the pre-requirements to continue with the next stage of the deployment flow, which is deploying Sidra's Supervisor. Let's open a browser and navigate to the URL you copied in the previous step:

You will be greeted with a description of the process and pre-requisites that need to be met to be able to continue with the installation of Sidra.

Requirements Checklist¶

Sidra License¶

A valid Sidra license is required.

Azure Access¶

• Access to Azure Portal
  You must have access to the Azure Portal and the target subscription where Sidra will be deployed.

• Azure Built-In Roles (at Subscription Scope)

  The following roles must be assigned at the subscription level:

  • Contributor
    Grants permission to create and manage Azure resources (e.g., Key Vaults, Container Apps, Storage Accounts).
    This role must be assigned to the Supervisor’s managed identity to enable deployment of Sidra Services.

  • Role Based Access Control Administrator (Preview) or User Access Administrator
    Required to execute the PowerShell script that resets the password of the Active Directory app registrations created during pre-deployment.

  Preview vs. Legacy

  Role Based Access Control Administrator (Preview) is the preferred role due to more limited permissions.
  If unavailable, the legacy User Access Administrator role can be used as an alternative.

  You can verify assigned roles by navigating to Access control (IAM) in the Azure Portal:

  

• Microsoft Entra ID (formerly Azure Active Directory) Roles

  The following Microsoft Entra ID roles must be assigned to your user account:

  • Application Administrator
    Required to create and manage Azure AD applications, such as:

    • <<appRegistrationName>>.Manager
    • <<appRegistrationName>>.IdentityServerAdAccess

  • Privileged Role Administrator
    Required to assign roles (such as Contributor) to users, groups, or managed identities — including those with privileged access.
    This role is necessary to assign the Contributor role to the Supervisor’s managed identity during deployment.

  You can verify these roles in the Privileged Identity Management section of the Azure Portal:

  

Resource Providers¶

• Ensure all the required Azure resource providers are registered:

# Check registration status
az provider show --namespace Microsoft.Databricks --query "registrationState"

# Register the provider
az provider register --namespace Microsoft.Databricks

Required Tools¶

Ensure the following tools are installed on the system where the script will run:

• Azure CLI: v2.49.0 or later (download here)
• PowerShell: v7.3.6 or later (download here)

Pre-Deployment Script¶

Sidra requires the creation of Microsoft Entra ID applications and managed identities before the Supervisor can be deployed. This is handled via a PowerShell script that should be executed prior to installation. You will run the script with your environment-specific parameters later but for now download the script archive and extract its contents locally.

Running the Pre-Deployment Script¶

We recommend running the script on a lightweight VM deployed in the same resource group as the Bootstrapper (e.g., Sidra.Bootstrap). This allows reproducible execution for future environments or maintenance tasks. However, running it locally is also supported.

Before running the script, set the PowerShell execution policy:

Set-ExecutionPolicy Unrestricted -Scope CurrentUser

With the required tools installed and the script extracted, you're ready to run the pre-deployment script. Simply copy the script command — including all required parameters — from the Bootstrapper Web UI and execute it in your terminal.

.\Pre-deploy.ps1 -appRegistrationName "Sidra.Tutorial" `
                 -tenantId "xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx" `
                 -subscriptionId "xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx" `
                 -resourceGroupName "Sidra.Tutorial" `
                 -resourceGroupLocation "westus3"

You can find all parameters, except appRegistrationName, directly in the Subscription Details section of the Bootstrapper Web UI:

We recommend using a naming convention like Sidra.<Environment> for the appRegistrationName.

After execution, verify that the resource group Sidra.Tutorial was created and includes the expected pre-deployment assets.

Unity Catalog Configuration¶

Starting with version 2024.07, Sidra supports Databricks Unity Catalog as the metastore backend for its data workloads.

This configuration step cannot be automated and must be performed manually, between the pre-deployment script execution and the Supervisor deployment.

Deploying the Supervisor¶

With all prerequisites now in place, you're ready to deploy Sidra’s Supervisor service. At this stage:

• The pre-deployment script has been executed, provisioning the necessary Azure identities and app registrations.
• Unity Catalog access has been granted to the Manager service principal.

To proceed, review and accept the End User License Agreement, then click Begin:

Before the deployment begins, the bootstrapper will display a final checklist summarizing the required prerequisites. Click Continue to launch the Supervisor deployment process:

Next, you’ll be prompted to populate the configuration parameters required for the Supervisor deployment. These values are retrieved from the earlier steps — specifically from the pre-deployment script output and the Databricks setup.

Once the Supervisor deployment begins, the bootstrapper will provide a link to monitor the provisioning of Azure resources. After the deployment completes, a checklist of post-deployment actions will appear:

At this stage, the Supervisor has been successfully deployed. It acts as the central management hub for Sidra’s installation, overseeing the deployment and update of all core services — including Sidra Service, Authentication, and Authorization.

To access the Supervisor web interface:

• Navigate to the Supervisor Resource Group in the Azure Portal.

• Locate and open the Container App for the Supervisor Web UI, then click the application URL.

  

• Enter your Sidra license key when prompted.

  

• Sidra will begin installing its core services — Sidra Service, Authentication, and Authorization. This automated process typically takes 45–60 minutes.

  

• When installation completes, the Supervisor dashboard will display the list of deployed services. From here, you can install, upgrade, or manage additional platform components.

  

Your Sidra environment is now fully deployed and ready to use. The Supervisor is installed, the core services are running, and your platform is primed for action.

Next Steps¶

Now that your environment is up and running, you can start building value with Sidra. Here are a few key actions you can take next:

Create Your First Data Intake Process (DIP)¶

Start bringing data into your environment with Sidra’s guided, connector-driven ingestion system. The DIP workflow will help you configure source metadata, manage schemas, and kick off fully automated ingestion pipelines.

Follow the step-by-step tutorial to create a DIP

Deploy a New Data Product¶

Ready to build a solution with your ingested data? Sidra Data Products allow you to define domain-oriented, secure, and independent workloads for BI, ML, APIs, and more.

Learn how to deploy your first Data Product

If you encounter any issues or need assistance, don’t hesitate to reach out to us at [email protected]. We're here to help you succeed.