After you register a new Azure Active Directory (AD) application and create a new secret in the Azure portal, you can onboard your Azure subscription to Carbon Black Cloud.

Procedure

  1. On the left navigation pane, go to Settings > Public Cloud Accounts.
  2. Click Add Account.
    The Add Public Cloud Account window displays.
  3. Under Cloud Provider, select Azure.
  4. Under Method, select Single account. Click Next.
  5. On the Account Details page, enter the Subscription name and ID.
    You can locate these properties on the Microsoft Azure portal > Navigate > Subscriptions page.

  6. Select your environment and region and enter your account information.
  7. Populate the Connect Account page with the following data from the Azure portal:
    1. Retrieve the application (client) ID and the tenant ID from your Azure AD application page under Azure services > Azure Active Directory > App registrations.
      The client ID publicly identifies the Azure AD application in the AD instance, and the tenant ID identifies the Azure AD instance.
    2. If you did not record the client secret when you registered your AD application, retrieve it from the Azure AD application page by clicking the link under Client credentials and locating the Expires, Value, and Secret ID columns in the Client secrets tab.
      Client secret value: An encrypted string that identifies and authenticates your registered application during a token request.
      Client secret ID: The application password of the service principal.
      Client secret expiration date: The expiration date is a maximum of two years. You cannot extend it unless you use PowerShell, where you can set an unlimited expiry. After the client secret expires, the tenant cannot use the Digital Assistant. You must renew client secrets before they expire. You can also create a schedule to renew secrets as needed.
  8. On the Event Stream page or in the Azure Cloud Shell, copy and execute the script in the Azure CLI of your account to be onboarded.
    The script automatically populates based on your input.
  9. To save the Azure subscription information and connect to the account, click Add Account.

Results

After the Azure subscription account onboards to Carbon Black Cloud, it connects to the console, and you can view it in the list of public cloud accounts under Settings > Public Cloud Accounts.
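
Step 7 notes that client secrets must be renewed before they expire. The following is an added example, not part of the Carbon Black Cloud product or its documentation: a Python check that classifies the secrets of the onboarding application from the JSON printed by `az ad app credential list --id <application-client-id>`. The field names (`endDateTime`, `keyId`, `displayName`), the 30-day warning window, and the sample data are assumptions.

```python
import json
import sys
from datetime import datetime, timezone

WARN_DAYS = 30      # assumed renewal window; align it with your rotation schedule
MAX_LIFETIME = 730  # two years, the portal maximum stated in step 7

# Constructed sample in the assumed shape of the CLI output (not real key IDs).
SAMPLE = [
    {"displayName": "cbc-onboarding", "keyId": "kid-1", "endDateTime": "2025-01-20T00:00:00Z"},
    {"displayName": "old-secret", "keyId": "kid-2", "endDateTime": "2024-12-01T09:30:00.1234567Z"},
    {"displayName": "set-via-powershell", "keyId": "kid-3", "endDateTime": "2299-12-31T00:00:00Z"},
    {"displayName": "fresh", "keyId": "kid-4", "endDateTime": "2026-06-01T00:00:00Z"},
]

def parse_graph_time(value):
    """Parse a timestamp such as 2026-03-01T00:00:00Z or ...:00.1234567Z as UTC."""
    base = value.rstrip("Z").split("+")[0].split(".")[0]  # drop zone and fraction
    return datetime.strptime(base, "%Y-%m-%dT%H:%M:%S").replace(tzinfo=timezone.utc)

def classify_secrets(credentials, now, warn_days=WARN_DAYS):
    """Return (status, days_left, key_id, name) tuples, soonest expiry first."""
    rows = []
    for cred in credentials:
        days_left = (parse_graph_time(cred["endDateTime"]) - now).days
        if days_left < 0:
            status = "EXPIRED"
        elif days_left <= warn_days:
            status = "RENEW"
        elif days_left > MAX_LIFETIME:
            status = "LONG_LIVED"  # beyond the portal limit: review this secret
        else:
            status = "OK"
        rows.append((status, days_left, cred.get("keyId"), cred.get("displayName")))
    return sorted(rows, key=lambda row: row[1])

def main(argv):
    # "-" reads real CLI output from stdin; otherwise use the constructed sample.
    live = len(argv) > 1 and argv[1] == "-"
    creds = json.load(sys.stdin) if live else SAMPLE
    now = datetime.now(timezone.utc) if live else datetime(2025, 1, 1, tzinfo=timezone.utc)
    rows = classify_secrets(creds, now)
    for status, days_left, key_id, name in rows:
        print(f"{status:<10} {days_left:>6}d  {key_id}  {name}")
    # A non-zero exit lets a scheduled job alert on secrets that need attention.
    return 1 if any(row[0] in ("EXPIRED", "RENEW") for row in rows) else 0

if __name__ == "__main__":
    sys.exit(main(sys.argv))
```

To check a real application, pipe the CLI output into the script with `-` as the only argument (the script file name is your choice). Only expiry metadata is read; the secret value itself is never part of this output.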