Once you have the details of the NSX Cloud Service Principal and the CSM and PCG roles, you are ready to add your Microsoft Azure subscription in CSM.

Prerequisites

  • You must have the Enterprise Administrator role in NSX-T Data Center.
  • You must have the output of the PowerShell script with details of the NSX Cloud Service Principal.
  • You must have the value of the PCG role you provided when running the PowerShell script to create the roles and the Service Principal. The default value is nsx-pcg-role.

Procedure

  1. Log in to CSM using an account with the Enterprise Administrator role.
  2. Go to CSM > Clouds > Azure.
  3. Click +Add and enter the following details:
    Option Description
    Name Provide a suitable name to identify this account in CSM. You may have multiple Microsoft Azure subscriptions that are associated with the same Microsoft Azure tenant ID. Name your account account and you can name them appropriately in CSM, for example, Azure-DevOps-Account, Azure-Finance-Account, etc.
    Client ID Copy paste this value from the output of the PowerShell script.
    Key Copy paste this value from the output of the PowerShell script.
    Subscription ID Copy paste this value from the output of the PowerShell script.
    Tenant ID Copy paste this value from the output of the PowerShell script.
    Gateway Role Name The default value is nsx-pcg-role. This value is available from the nsx_pcg_role.json file if you changed the default.
    Cloud Tags By default this option is enabled and allows your Microsoft Azure tags to be visible in NSX Manager
  4. Click Save.
    CSM adds the account and you can see it in the Accounts section within three minutes.
  5. Whitelist all the VMs in the VNet where you want VMs managed. This is not required, but highly recommended for brownfield deployments because of Quarantine Policy impact when changed from disabled to enabled.

What to do next

Deploy PCG in a VNet