Creating a New Service Principal

You can use the CVConfigureAzureAppForKeyVault tool to create a service principal in Azure Active Directory.

The following are the sequence of steps that happen after script execution:

  • Creates a service principal in Azure Active Directory.

  • Assigns Key Vault Administrator role on Azure Key Vault.

  • Sets access policy on Key Vault with the following permissions to the keys - unwrapKey, get, create, update and delete.

Procedure

  1. Download the CVConfigureAzureAppForKeyVault tool from Commvault Store.

  2. Execute the following command:

    CVConfigureAzureAppForKeyVault.ps1 -SubscriptionId -KeyVaultName
    

    where,

    • SubscriptionId is the subscription ID of Azure account.

    • KeyVaultName is the name of the Azure Key Vault.

  3. The tool provides the following information in the output - TenantId, ApplicationId, Certificate file path, thumbprint and password. Note this information.

    Note

    If the CommServe is on Service Pack 20 and an earlier version of Commvault, you can use thumbprint marked with 11.20 or below.

What to Do Next

×

Loading...