Microsoft Azure Configuration – Subscriptions

Creating Azure subscriptions is a two-step process:

  • configure your Azure subscription in Azure
  • set up your Azure subscription in CloudCheckr
This topic identifies each procedure in detail.

Configure Your Azure Subscription in the Azure Portal

After you create the Directory ID, Application ID, Subscription ID, and secret key, please copy these values to a desired file type, such as CSV, and save the file to a safe location. You will need them to configure your subscription in CloudCheckr.
  1. Log into the Azure management portal.
    The portal link you choose depends on your subscription type:

  2. From the selected Azure portal, select the directory that contains the subscription you want to scan.

  3. Open the Azure Active Directory management panel.
  4. Select Properties.
  5. Find the Directory ID and save it.

  6. Select App Registrations and click Add to create a new app registration.

  7. Type a name for the application. (For example: CloudCheckr Service).
  8. From the Application Type drop-down menu, select Web app /API .
  9. In the Sign-on URL text field, type https://localhost.

  10. Click Create. When you are back on the App Registration screen, find the Application ID and save it.
  11. Select the new registration and from the menu, select Keys.
  12. Type a name, select a duration, and click Save.

    Azure creates a new key and displays the key value in the third text field.
  13. Save the new key value immediately since you will not be able to view it again. You will now have three values: Directory ID, Application ID, and the secret key.
  14. Open the Subscription management panel.
  15. Select the subscription that CloudCheckr will monitor. Find the subscription ID and save it.
  16. With the subscription selected from the subscription management panel, select Access Control (IAM).

  17. Click Add to add the new service account.
  18. Select the Reader role and then add the new service account as the user. You may need to search for the account if it is not listed.
  19. Save the change.

    The CloudCheckr service account should now be on the list with reader access.

Configure Your Subscription Account in CloudCheckr

To import your Azure data into CloudCheckr, you need to create Azure accounts in CloudCheckr.

  1. From the top right of the Partners page, click the NEW ACCOUNT button.

    The New Account screen displays.

  2. Type a name for your account. If needed, you can change the name later.
  3. From the Cloud Provider drop-down menu, select Microsoft Azure.
  4. Click Create.

    The Configure Account page opens.
  5. Click the drop-down arrow and select Collect resource information from my Azure subscription from the drop-down menu.

    The Configuration page displays the subscription instructions.
  6. Provide the required information from the Azure portal.
    • Directory ID
    • Application ID
    • Subscription ID
    • Secret Key
  7. From the Azure Account Type drop-down menu, select Commercial or Government.
  8. Click Update.

How did we do?