Introduction to the app-based provisioning credential on Azure
Creating a credential is a prerequisite for creating an environment. On Azure, you can create a credential using the app-based credential.
When working with an Azure environment, you can use the app-based credential to authenticate your Azure account and obtain authorization to create resources on your behalf. The app-based credential allows you to manually configure the service principal created within the Azure Active Directory.
The following table provides a list of app-based cloud credential options:
App-based | |
---|---|
Overview of steps | Manually create an application, assign a role to it, and then provide the application information as part of credential creation. |
Required role | Refer to Azure permissions. |
Requirements | You must be able to manage your organization's Azure Active Directory. If you do not have the required permissions, then you should ask your Azure administrator to register an application on Azure and then assign the Contributor role (or its equivalent) to it. |
More information | The app-based method allows you to create a credential without logging in
to the Azure account, as long as you have been given all the information. This
means that if you can't complete app registration and role assignment steps by
yourself, you can ask your Azure administrator to complete these steps and then
provide you with the required information that can be provided during
credential creation. In addition to providing your Subscription ID and Tenant ID, you must provide information for your previously created Azure AD application (its ID and key which allows access to it). Cloudera stores these credentials. |
For more information about applications and service principal objects, refer to Azure docs.