Obtaining Credentials for Cloudera Director

Create an Active Directory (AD) application and service principal. The service principal is tied to the AD application, and Cloudera Director uses the service principal credentials to create and delete resources on Microsoft Azure. Therefore, you must make sure the AD application has the contributor role in your Azure subscription, which allows permission to create and delete resources. If you are not sure about these settings, contact your Active Directory administrator or Microsoft Azure Support.

The service principal is typically created by a system administrator or security administrator of your organization. This person must have administrator privileges for your Microsoft Azure subscription.

Once the Azure service principal is created, obtain the following four kinds of Azure credentials for Cloudera Director:

Subscription ID
Tenant ID
Client ID
Client Secret

You can get the subscription ID in the Azure Portal (either the new or old portal); see the Azure subscriptions blade.

You can create the AD application and service principal, get the tenant ID, client ID, and client secret, and assign the contributor role to the newly-created AD application by following one of these two methods:

The Azure Portal Steps (this method is recommended, as it is easier to follow)
The Azure CLI Steps
Note: The client secret is referred to as the application password in the Azure CLI Steps documentation.

If you are having trouble finding this information, contact Microsoft support.

Getting Started on Microsoft Azure

Setting up Azure Resources