Microsoft Azure

This document provides instructions for configuring Azure so that the Netography Context Integration has the access it needs to pull label contexts.

Azure Steps

Register a new application in Azure Active Directory

  • Go to Active Directory within the Azure portal.
  • Click on "App Registrations" on the left side menu.
  • Click on "New Registration" along the top.
  • Fill out the form to register the new app:
    • Give the app a name.
    • Select the type of account.
    • Click Register at the bottom to complete.
  • This will take you to the app registration view as shown below:
    • Copy the Application (client) ID and Directory (tenant) ID to a temporary file or other safe location as they are required for the Netography portal configuration.

Create the client secret

  • Click on "Certificates and secrets" on the left-hand side menu.
  • Then click "New client secret" to add a secret for our app.
  • Fill out the description.
  • Set the expiry to something that is appropriate for your organization.
  • Click Add to complete.

    This will show you the secret temporarily (see below).

    Ensure you copy the secret to a secure location before leaving this screen.

Assign the role to application

  • Go to Subscriptions, select your subscription which will bring you to the screen below.
  • While on this screen, copy the subscription ID as it's needed for the Netography portal configuration.
  • Next, select "Access control (IAM)."
  • Click on "Role assignments".
  • Then click "Add", then "Add role assignment", pictured below.
  • Here you are presented with a list of roles. Filter by typing "Virtual" in the filter box and select the role "Virtual Machine User Login."
  • Click Next at the bottom.
  • The next step is to assign the role to our app.
  • Click "Select members" and a box will appear to the right showing users. NOTE: Your app will not automatically appear here. You have to search for it.
  • Then select your app.
  • Once selected, you can click Select at the bottom.
  • Then click Review + Assign twice.
  • You should now see your role assigned to your app in the list as pictured.
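
To confirm that the app ended up with only the access described above, the following added example (not Netography's or Microsoft's code) audits JSON shaped like the output of `az role assignment list --all --assignee <client-id> -o json` and `az ad app credential list --id <client-id> -o json`. The sample data, the placeholder subscription ID, and the 180-day secret lifetime limit are assumptions; adjust them to your environment.

```python
import json
from datetime import datetime, timedelta, timezone

EXPECTED_ROLE = "Virtual Machine User Login"   # role named in the steps above
MAX_SECRET_DAYS = 180                          # assumed org policy, adjust to yours

# Constructed sample data with placeholder IDs, shaped like the az CLI JSON output.
SUB = "/subscriptions/00000000-0000-0000-0000-000000000000"
SAMPLE_ROLES = json.loads("""[
  {"roleDefinitionName": "Virtual Machine User Login", "scope": "%s"},
  {"roleDefinitionName": "Contributor", "scope": "%s/resourceGroups/rg-demo"}
]""" % (SUB, SUB))
SAMPLE_SECRETS = json.loads("""[
  {"displayName": "netography-context", "endDateTime": "2026-01-01T00:00:00Z"},
  {"displayName": "old-test", "endDateTime": "2099-12-31T00:00:00Z"}
]""")

def audit_roles(assignments, subscription_scope):
    """Return findings for any assignment beyond the one the integration needs."""
    findings = []
    for a in assignments:
        role, scope = a["roleDefinitionName"], a["scope"]
        if role != EXPECTED_ROLE:
            findings.append(f"unexpected role '{role}' at {scope}")
        elif scope.lower() != subscription_scope.lower():
            findings.append(f"'{role}' assigned at unexpected scope {scope}")
    if not any(a["roleDefinitionName"] == EXPECTED_ROLE for a in assignments):
        findings.append(f"missing '{EXPECTED_ROLE}' assignment")
    return findings

def audit_secrets(credentials, now):
    """Flag client secrets that are expired or live longer than policy allows."""
    findings = []
    for c in credentials:
        end = datetime.fromisoformat(c["endDateTime"].replace("Z", "+00:00"))
        if end <= now:
            findings.append(f"secret '{c['displayName']}' is expired")
        elif end - now > timedelta(days=MAX_SECRET_DAYS):
            findings.append(f"secret '{c['displayName']}' outlives {MAX_SECRET_DAYS} days")
    return findings

if __name__ == "__main__":
    now = datetime.now(timezone.utc)
    for line in audit_roles(SAMPLE_ROLES, SUB) + audit_secrets(SAMPLE_SECRETS, now):
        print("FINDING:", line)
```

An empty findings list means the principal holds only the expected role at the subscription scope and every secret expires within the policy window.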

Netography Portal Steps

Navigate to Integrations (make sure you are on the Context tab) and click "Add Integration", then select Microsoft Azure.

Configuration

The following fields are specific to the Azure configuration.

| Field | Required | Description | Example |
|---|---|---|---|
| Subscription ID | yes | Cloud Region | |
| Tenant ID | yes | Azure subscription ID to be queried | |
| Tag/Label Matches | | Tag/Label matches represent the names of tags you use within the cloud provider. For example, a user might choose to tag all of their web servers with a tag "subsystem" that has a value of "web". | |

Authentication

The following fields are necessary for the integration to authenticate with Azure.

| Field | Required | Description |
|---|---|---|
| Client ID | yes | Client ID to use when authenticating with Azure |
| Client Secret | yes | Client secret to use when authenticating with Azure |