1st Access the link to access the Azure Portal https://portal.azure.com/#blade/Microsoft_AAD_IAM/ActiveDirectoryMenuBlade/RegisteredApps

2nd Click on New registration, and in the field “name” set the 1p-agent identification, according to the image below and then, click on create.

3rd Click on Certificates & secrets, then New client secret, in the Description field place the 1p-agent-secret identification and set it to expire in 24 months, then click on Add to add.

After completing this step, save the identification presented in the value field, this information will be used later to register the cloud in 1P.

4th Click on Overview in the sidebar and copy the information in the Application (client) ID and Directory (tenant) ID field.

Keep these credentials together with the information saved in step 3. They will also be used in the cloud configuration in 1P.

5th In the portal search bar look for subscriptions and access, as in the image below.

6th Copy the information presented in the subscriptionsID field and keep it saved in the clipboard, then click on the link in the subscription Name field

7th In the subscription Name area access Access Control (IAM) in the sidebar, and then find the Create a custom role field and click on ADD

8th In the options presented in the upper bar, click on JSON, edit and insert the code below.

In order for the code to run successfully, it is necessary to enter the subscription ID that is on your clipboard, according to step 6 in the determined area in the script below.

The subscription ID must be inserted in the sixth line, replacing all the information PASTE THE SUBSCRIPTION ID HERE.

  {

    “properties”: {

        “roleName”: “1p-agent-role”,

        “description”: “1p role”,

        “assignableScopes”: [

            “/subscriptions/PASTE THE SUBSCRIPTION ID HERE

        ],

        “permissions”: [

            {

                “actions”: [

                    “Microsoft.Compute/*/read”,

                    “Microsoft.Compute/availabilitySets/*”,

                    “Microsoft.Compute/virtualMachines/*”,

                    “Microsoft.Compute/disks/*”,

                    “Microsoft.Network/*/read”,

                    “Microsoft.Network/publicIPAddresses/*”,

                    “Microsoft.Network/networkInterfaces/*”,

                    “Microsoft.Network/networkSecurityGroups/*”,

                    “Microsoft.Network/networkInterfaces/write”,

                    “Microsoft.Network/virtualNetworks/subnets/join/action”,

                    “Microsoft.Storage/storageAccounts/*”,

                    “Microsoft.Resources/*/read”,

                    “Microsoft.Resourcehealth/healthevent/*”,

                    “Microsoft.Resources/tags/*”,

                    “Microsoft.Resources/marketplace/purchase/*”,

                    “Microsoft.Resources/subscriptions/resourceGroups/*”

                ],

                “notActions”: [],

                “dataActions”: [],

                “notDataActions”: []

            }

        ]

    }

}

9th Click on Save

[image of applied json]

10th Click on next, and then on create to generate the new role.

 

11th Still inside the Access Control (IAM) panel, click on Add role assignments. In the Role field, set the 1p-agent-role identification, in Select enter the information 1p-agent, then click on Save. [once associated, follow the 1P config – click here]

After these steps, the Azure user will be created and ready to move to 1P cloud configuration.

Elvenworks Soluções em tecnologia LTDA

Smart Platforms

 

Follow Us

Email: contact@elven.works