You must gather some information and perform some configuration in order to create a Microsoft Azure cloud account in Cloud Assembly.
Procedure
- Locate and record your Microsoft Azure subscription and tenant IDs.
- Subscription ID - Click the Subscriptions icon on the left toolbar in your Azure portal to view the subscription ID.
- Tenant ID - Click the Help icon and select Show Diagnostics in your Azure portal. Search for tenant and record the ID when you have located it.
- You can create a new storage account and a resource group to get started. Alternatively, you can create these in blueprints later.
- Storage Account - Use the following procedure to configure an account.
- In your Azure portal, locate the Storage Accounts icon on the sidebar. Make sure the correct subscription is selected and click Add. You can also, search for storage account in the Azure search field.
- Enter the required information for the storage account. You will need your subscription ID.
- Select whether to use an existing resource group or create a new one. Make note of your resource group name, as you will need it later.
Note: Save the location of your storage account as you will need it later.
- Create a virtual network. Alternatively, if you have a suitable existing network, you can select that one.
If you are creating a network, you must select Use an Existing Resource Group and specify the group that you created in the preceding step. Also, select the same location that you specified previously. Microsoft Azure will not deploy virtual machines or other objects if the location doesn't match between all applicable components that the object will consume.
- Locate the Virtual Network icon on the left panel and click it or search for virtual network. Make sure to select the correct subscription and click Add.
- Enter a unique name for your new virtual network and record it for later.
- Enter the appropriate IP address for your virtual network in the Address space field.
- Ensure that the correct subscription is selected and click Add.
- Enter the remaining basic configuration information.
- You can modify the other options as necessary, but for most configurations, you can leave the defaults.
- Click Create.
- Set up an Azure Active Directory application so that vRA can authenticate.
- Locate the Active Directory icon on the Azure left menu and click it.
- Click App Registrations and select Add.
- Type a name for your application that complies with Azure name validation.
- Leave Web app/API as the Application Type.
- The Sign-on URL can be anything that is appropriate for your usage.
- Click Create.
- Create a secret key to authenticate the application in Cloud Assembly.
- Click the name of your application in Azure.
Make note of your Application ID for later use.
- Click All Settings in the next pane and select Keys from the settings list.
- Enter a description for the new key and choose a duration.
- Click Save and make sure to copy the key value to a safe location as you will be unable to retrieve it later.
- On the left menu, select API Permissions for the application and click Add a Permission to create a new permission.
- Select Azure Service Management on the Select an API page.
- Click Delegated Permissions.
- Under Select permissions select user_impersonation and then click Add Permissions.
- Authorize your Active Directory application to connect to your Azure subscription so that you can deploy and manage virtual machines.
- In the left menu, click the Subscriptions icon, and select your new subscription.
You may need to click on the text of the name to get the panel to slide over.
- Select the Access control (IAM) option to see the permissions to your subscription.
- Click Add under the Add a Role Assignment heading.
- Choose Contributor from the Role drop down.
- Leave the default selection in the Assign Access to drop down.
- Type the name of your application in the Select box.
- Click Save.
- Add additional roles so that your new application has Owner, Contributor, and Reader roles.
- Click the Save.
What to do next
You must install the Microsoft Azure command line interface tools. These tools are freely available for both Windows and Mac operating systems. See the Microsoft documentation for more information about downloading and installing these tools.
When you have the command line interface installed, you must authenticate to your new subscription.
- Open a terminal window and type your Microsoft Azure login. You will receive a URL and a shortcode that will allow you to authenticate.
- In a browser, enter the code that you received from the application on your device.
- Enter your Auth Code and click Continue.
- Select your Azure account and login.
If you have multiple subscriptions, ensure that the correct one is selected using the azure account set <subscription-name>
command.
- Before you proceed, you must register the Microsoft.Compute provider to your new Azure subscription using the
azure provider register microsoft.compute
command.If the command times out and generates an error the first time your run it, run it again.
When you have completed configuration, you can use the azure vm image list
command to retrieve available virtual machine image names. You can choose the desired image and record the URN provided for it and later use it in blueprints.