To securely access data on your provider account, the Discovery process must present appropriate credentials. To make the credentials available to Discovery, you first create Azure service principal credentials in the Azure Portal. You then securely store the credentials in a service
account in your instance.
Before you begin
Role required:
- Azure Portal Active Directory (AD) administrator
- Cloud Provisioning and Governance: admin or sn_cmp.cloud_admin,
discovery_admin
Procedure
-
Create a Microsoft Azure service principal and open the text file that you created during the procedure.
-
In the Cloud Admin Portal, navigate to
.
-
Click New and then select Azure Service
Principal.
-
Specify the following values on the Azure Service Principal form:
| Field |
Value |
| Name |
Name of the service principal to register with the
instance. For example, Azure service principal
credentials. |
| Authentication Method |
Select Client Secret. The
Secret key field appears when
you select Client
Secret.
Note: Client
Assertion is not
supported. |
-
Copy/paste values from the Azure-Credentials.txt text file
into the remaining fields.
-
Select the appropriate EA credential from the list,
select the Active check box, and then click
Save to create the record.
-
Click the Discover Subscriptions related link to find
all subscriptions that are associated with the Azure service principal.
The instance creates a service
account for each discovered
subscription.The Azure
Subscriptions related list displays all subscriptions that are associated with the Azure service principal.
-
Click a subscription to view the service
account that was created for the subscription.
-
Click a discovery status entry in the Credential Discovery Status list to view the associated discovery log.
Each time that you click Discover Subscriptions, the instance generates a new discovery status and lists the status in the Credential Discovery Status list.