CloudCreator provides reporting and governance across multiple technologies. This includes the Azure and AWS services you purchase through CCL. Find out more here: About Azure Integration
To integrate your Azure provider subscription with CloudCreator, you'll need to complete the following stages, described below:
- Stage One: Complete the Application Registration in Azure
- Stage Two: Record the Application Registration in CloudCreator
Application registration in Azure is tied to a single subscription that includes an Application ID and Secret Key. These are used for inbound API calls to Azure to adopt the permissions assigned by the user who has set up the application registration. As a user's role in Azure is at provider level, not subscription level, one user can have the same access across multiple subscriptions.
1. Sign in to the Azure public portal at portal.azure.com. This can also be done by a client user, or a CCL RADAR team member on your behalf.
2. In the Microsoft Azure dashboard, select Azure Active Directory from the left-hand menu.
3. In the App registrations screen, select App registrations > New registration.
5. In the Overview screen for your application, the name of your application will display at the top left. You'll see in the screenshot below that ours is called 'AzureTest'.
15. The secret key appears (only at the time of creation). Use the copy icon to copy the secret key value, to record it into CloudCreator as part of Stage Two below.
Once you have completed the Application Registration above, you need to record it in CloudCreator.
CloudCreator will check that the combination of Subscription ID plus Application ID are unique (within the CloudCreator Parent Cloud). However, the same Application ID details can be loaded against multiple CloudCreator clouds. If another user completes an Application Registration in Azure, they will have a separate Application ID and these can both be loaded into CloudCreator.
Before you begin
Before you begin, make sure you have the following information:
|Information required||How to find|
To view, select the Overview screen for your application:
|Application Secret Key||This is the secret key value you copied in Stage One above.|
This is the information that follows the '@' in your Azure Id.
Example: In email@example.com, the Tenant Domain is yyyy.onmicrosoft.com.
Follow these steps to view your Tenant Domain:
1. From the Microsoft Azure Dashboard, select Azure Active Directory in the left-hand menu.
2. The tenant domain information will display:
Follow these steps to find your Subscription ID:
1. At the top of the Microsoft Azure Dashboard, type 'subscription' into the search bar. Select Subscriptions to view.
2. The Subscriptions screen displays the Subscription ID. Select the subscription you want to link to CloudCreator.
Note: Take a note of the Subscription ID as this will be needed later.
3. From the Azure portal, select Access control (IAM).
To grant access to an Azure resource, you must add a role assignment. Follow these steps to assign a role.
1. From the Azure portal, select Access control (IAM).
2. Select Add > Add role assignment
3. The Add role assignment window appears. Complete the fields as follows:
4. Click Save to assign the role.
Follow the steps below to record the Application Registration in CloudCreator.
2. Click the Virtual Clouds icon in the sidebar.
4. From the Summary screen, click the Providers tab.
5. In the Providers screen, click the Link Provider button.
6. In the Link Provider Account screen, select Microsoft Azure from the dropdown menu.
7. Complete the fields and click Link to confirm.
8. A notification will appear at the top of your screen to confirm that your subscription has been created. The event will also appear in the Recent Events panel.
9. The Azure resource tile will appear on your dashboard. Now that you've completed the Application Registration you need to Link, Unlink and Modify Accounts to Azure in CloudCreator.