Introduction

When you are using Clouds to discover your Microsoft Azure instances, you will need four credential items - subscription id, tenant id, client id and client secret.

Retrieving or Creating

In order to use the Azure Rest API, you will need to create an Azure Active Directory Application that is used for authentication.

Tenant ID

To retrieve the Tenant ID. Open the Azure portal click on Azure Active Directory, Properties and the Tenant ID is displayed as your Directory ID (don't blame me for the name mismatch, that's how Microsoft roll!).

Client ID and Secret

The client ID is the ID of an Azure Active Directory application. The client secret is the key that you give that application.

Click on App Registrations to create a new Application, then click New Application Registration. Give it a name (I used Open-AudIT), select Web app / API as the type and provide any URL (the URL is not important) and now click Create.

Click on the application you just created. The Application ID displayed is the Client ID.

To create the client secret, click Settings, then Keys. Provide a key name and select an appropriate expiry date, then click Save.

The value will be populated for you - this is the Client Secret.

Now we need to provide the Azure Active Directory application access to your subscription.

Click on Resource Groups and then the resource group you would like your Azure Active Directory Application to have access to.

Click Add. The role should be Contributor and then search for the app (Open-AudIT). Then click Save.

Now the application has access to the subscription, so we can make API calls. The API calls will be requested on behalf of the application, not your user.


Subscription ID

Now for the Subscription ID, click All Services, Subscriptions and copy it.

Using

Once you have those items, in Open-AudIT Enterprise you can go to menu -> Discover -> Clouds -> Create Clouds, select the "Microsoft Azure" type and paste them in. Done :)