Skip to content

Requirements & preflight

  • A subscription for sprig (a dedicated subscription is recommended: cleanest budget and policy boundary).
  • The installing operator holds Owner on that subscription.
  • Region supporting Linux consumption Function Apps and Static Web Apps (most do; westeurope is the tested default).

The installing operator can, at install time:

  • create app registrations,
  • grant admin consent / Graph app roles (Global Administrator, or Privileged Role Administrator + Application Administrator).

This is needed once. Day-to-day operation requires only the Ops app role that the installer assigns.

  • az CLI (logged in), python3, Node.js ≥ 20, npm, zip, curl.
  • A Microsoft Fabric workspace with an API for GraphQL item exposing the data your builders should reach.
  • Builders and viewers get Fabric permissions through your normal data-governance process — sprig does not grant data access.
  1. Subscription chosen and quota sane (each builder adds one resource group; each app one Static Web App).
  2. Operator can run az login and reach both Azure and Graph.
  3. Decided who holds the Ops role (share approvals) — one or more named people.
  4. Budget amount and alert email chosen.
  5. Read Exact permissions granted — your security team will ask.