You can create a Microsoft Azure endpoint to facilitate a credentialed connection between vRealize Automation and an Azure deployment.

An endpoint establishes a connection to a resource, in this case an Azure instance, that you can use to create virtual machine blueprints. You must have an Azure endpoint to use as the basis of blueprints for provisioning Azure virtual machines. If you use multiple Azure subscriptions, you need endpoints for each subscription ID.

As an alternative, you can create an Azure connection directly from vRealize Orchestrator using the Add an Azure Connection command located under Library > Azure > Configuration in the vRealize Orchestrator workflow tree. For most scenarios, creating a connection through the endpoint configuration as described herein is the preferred option.

Azure endpoints are supported by vRealize Orchestrator and XaaS functionality. You can create, delete, or edit an Azure endpoint. If you change an existing endpoint and do not execute any updates on the Azure portal through the updated connection for several hours, problems may occur. You must restart the vRealize Orchestrator service using the service vco-service restart command. Failure to restart the service may result in errors.

Prerequisites

Procedure

  1. Select Administration > vRO Configuration > Endpoints.
  2. Click the New icon (Add).
  3. On the Plug-in tab, click the Plug-in drop-down menu and select Azure.
  4. Click Next.
  5. Enter a name and, optionally, a description.
  6. Click Next.
  7. Populate the text boxes on the Details tab as appropriate for the endpoint.

    Parameter

    Description

    Connection settings

    Connection name

    Unique name for the new endpoint connection. This name appears in the vRealize Orchestrator interface to help you identify a particular connection.

    Azure subscription id

    The identifier for your Azure subscription. The ID defines the storage accounts, virtual machines and other Azure resources to which you have access.

    Azure Environment

    The geographic region for the deployed Azure resource. vRealize Automation supports all current Azure regions based on the subscription ID.

    Resource manager settings

    Azure service URI

    The URI through which you gain access to your Azure instance. The default value of https://management.azure.com/ is appropriate for many typical implementations. This box is auto-populated when you select an environment.

    Tenant Id

    The Azure tenant ID that you want the endpoint to use.

    Client Id

    The Azure client identifier that you want the endpoint to use. This is assigned when you create an Active Directory application.

    Client secret

    The key used with an Azure client ID. This key is assigned when you create an Active Directory application.

    Azure storage URI

    The URI through which you gain access to your Azure storage instance. This box is auto-populated when you select an environment.

    Proxy Settings

    Proxy host

    If your company uses a proxy Web server, enter the host name of that server.

    Proxy port

    If your company uses a proxy Web server, enter the port number of that server.

  8. (Optional) Click Properties and add supplied custom properties, property groups, or your own custom property definitions.
  9. Click Finish.

What to do next

Create appropriate resource groups, storage accounts, and network security groups in Azure. You should also create load balancers if appropriate for your implementation.

Action

Options

Create an Azure resource group

  • Create the resource group using the Azure portal. See the Azure documentation for specific instructions.

  • Use the appropriate vRealize Orchestrator workflow found under the Library/Azure/Resource/Create resource group.

  • In vRealize Automation, create and publish an XaaS blueprint that contains the vRealize Orchestrator workflow. You can request the resource group after attaching it to the service and entitlements.

    Note:

    The Resource Group resource type is not supported or managed by vRealize Automation.

Create an Azure storage account

  • Use Azure to create a storage account. See the Azure documentation for specific instructions.

  • Use the appropriate vRealize Orchestrator workflow found under Library/Azure/Storage/Create storage account.

  • In vRealize Automation, create and publish an XaaS blueprint that contains the vRealize Orchestrator workflow. You can request the storage account after attaching it to the service and entitlements.

Create an Azure network security group

  • Use Azure to create a security group. See the Azure documentation for specific instructions.

  • Use the appropriate vRealize Orchestrator workflow found under the Library/Azure/Network/Create Network security group .

  • In vRealize Automation, create and publish an XaaS blueprint that contains the vRealize Orchestrator workflow. You can request the security group after attaching it to the service and entitlements.