Configure a Subscription Account in Azure

To manage the resources of any type of subscription and gain access to CloudCheckr’s best practices, inventory, security, and utilization modules, follow this workflow.

Workflow

Click each text box to reveal each step in this workflow to see how to set up your Azure subscription account:

In this step, you will create an application in Azure.

  1. Log in to the Azure management portal associated with your subscription type:
  2. From the left navbar, click Azure Active Directory.
  3. Select Properties from the list.
  4. Copy the Tenant ID.
  5. In the Manage section of the Azure Active Directory blade, click App registrations.
  6. Click + New registration.
  7. Create your application:
    1. Type a name for your application.
    2. Under Supported account types, leave the default setting: accounts in this organizational directory only
    3. Under Redirect URI (optional), leave the default drop-down option, Web, and in the blank text field, type https://localhost
    4. Click Register.
  8. Copy the Application ID.
  9. In the Manage section of the application blade, click Certificates & secrets.
  10. Under Client secrets, click + New client secret.
  11. Type a name for the client secret, select when you want it to expire, and click Add.
  12. Copy the client secret and save it immediately since you will not be able to view it again.
  13. From the left navbar, click All Services.
  14. From the list, select Subscriptions.
  15. Click your subscription.
  16. Copy the Subscription ID.
    Rather than assign a role to a subscription, you can assign the role to a resource group or specific resource:
    • From the left navbar, click All Resources.
    • Select the resource that you want CloudCheckr to monitor.
    • Complete Step 2: Add a Role Assignment and the remaining steps in this topic.

In this step, you will associate a role with your new application.

  1. From the blade of the selected subscription, click Access control (IAM).
  2. Select Add > Add Role Assignment.
  3. Create a role assignment:
    1. From the Role drop-down list, select Reader.
    2. In the Assign access to drop-down list, leave the default option, Azure AD user, group, or service principal.
    3. In the Select text field, type the name of the application that you created.
    4. Click Save.

In this step, you will access CloudCheckr and create an account.

  1. Launch CloudCheckr.
  2. From the Projects page, select an Azure partner.
  3. From the Accounts page, click NEW ACCOUNT. The New Account page opens.
  4. Type a unique name for your account.
  5. From the Cloud Provider section, select Microsoft Azure from the drop-down menu.
  6. In the Navigation Visibility section, select the checkboxes next to the sections or modules that you want to be visible in the Azure account.
  7. At the bottom of the page, click Create. The Configure Account page opens.

In this step, you will continue the configuration process in CloudCheckr.

  1. From the Configure Account page, click the drop-down arrow and select Collect resource information from my Azure subscription from the drop-down menu.
  2. Paste the Tenant ID into the field associated with the Directory ID.
  3. Paste the Application ID into the Application ID field.
  4. Paste the client secret into the field associated with the key value.
  5. Paste the Subscription ID into the Subscription ID field. This screen identifies the fields where you need to paste those values:
  6. From the Azure Account Type drop-down menu, select Commercial, Government, or Germany.
  7. Click Update.
    If you have a Pay-as-You-Go subscription, CloudCheckr will automatically display the Edit Billing Configuration: Pay-as-You-Go Subscriptions page, but the options will be pertinent to usage and data collection.

How did we do?