V11 SP8
Loading...

Setting Up an Application and Tenant for Azure Resource Manager

You can run an Azure PowerShell tool to set up the application and tenant for your Azure Resource Manager subscription. The application ID created by the tool can be used to create an Azure virtualization client that supports Azure VM provisioning, backups, recovery, and VM conversion to Azure.

An application is a specific cloud service associated with your Azure account, and the tenant is a client or organization that manages an instance of the cloud service. The application and tenant are associated with your subscription through Azure Active Directory, which provides identity and access management for the Azure cloud.

Before You Begin

  • The following applications must be installed:
    • Windows PowerShell 5.0 or later
    • Azure PowerShell 3.0 or later
  • Download Azure RM Virtualization Client Tool from the Cloud Services website.
  • Collect the following information for your Azure account:
    • Subscription ID for the Azure account
    • User credentials with Service Administrator capabilities, for logging in to your Azure account
  • Identify the application name and password that you will provide as input to the tool.

Using the Tool to Create an Application and Tenant

  1. Run AzureRM.exe from the command line with administrator access.
  2. Provide the following information as input:
    • Application name
    • Application password
    • Subscription ID for the Azure account
  3. Log in to your Azure account.

The script returns the following information, which you can use to create the virtualization client for your Azure subscription:

  • Subscription ID
  • Application ID
  • Tenant ID

The application and tenant created by the tool are available for the Azure subscription.

Creating an Application and Tenant Manually

  1. Log in to Azure with user credentials that have global admin privileges, to provide access to the default directory in Azure Active Directory.

    You can log in through the Azure portal or by using PowerShell.

  2. Create an application in the default directory and make a note of the application ID.

    Specify the application password when creating the application.

  3. Use the application ID to create a new service principal for the application.
  4. Assign Reader or Contributor roles, either to a specific resource group or to the subscription as a whole.

Creating an Application ID using Azure PowerShell Commands

  1. Run Azure PowerShell as Administrator.
  2. Run the following command to get a list of Azure modules:

    Get-Module -Name AzureRM* -ListAvailable

    If no Azure modules are listed, verify that the latest versions of Windows PowerShell and Azure PowerShell are installed.

  3. Run the following commands to import all necessary Azure modules:

    Import-Module -Name AzureRM.Profile
    Import-Module -Name Azure

  4. Log on to the Azure Resource Manager account:

    Login-AzureRmAccount

  5. Run the following command to get a list of the subscriptions that are available for the account.

    Get-AzureRmSubscription

    The output of the command includes the subscription ID and tenant ID.

  6. Run the following command to create a new Active Directory application.

    New-AzureRmADApplication -DisplayName app_name -HomePage home_page -IdentifierUris identifier_uri -Password app_password

    Where the following variables use values you provide:

    • app_name: Name of the application to be created on Azure Active Directory.
    • home_page: http://app_name (URL including the application name you specify)
    • identifier_uri: http://app_name (URI including the application name you specify)
    • app_password: Password for the application to be created on Azure Active Directory.

    The output includes the application ID created on Azure Active Directory. Use this application ID as input for the next steps.

  7. After the application is created successfully, run the following command to create the Service Principal:

    New-AzureRmADServicePrincipal -ApplicationId app_id

    Where app_id is the application ID that was created in step 6.

  8. Run the following command to to assign the necessary role for the application:

    New-AzureRmRoleAssignment -Scope /subscriptions/id -RoleDefinitionName Contributor -ServicePrincipalName app_id

    Where the following variables use values you provide:

    • id: Subscription ID for the Azure account.
    • app_id: Application ID that was created in step 6.

The subscription ID, tenant ID, application ID, application name, and application password are required to create an Azure virtualization client in the CommCell Console.