App-based credential on Azure
Creating a credential is a prerequisite for creating an environment. On Azure, you can create a credential using the app-based credential.
When working with an Azure environment, you can use the app-based credential to authenticate your Azure account and obtain authorization to create resources on your behalf. The app-based credential allows you to manually configure the service principal created within the Azure Active Directory.
The following table provides a list of app-based cloud credential options:
|Overview of steps||Manually create an application, assign a role to it, and then provide the application information as part of credential creation.|
|Required role||1. The Owner built-in Azure role|
|Requirements||You must be able to manage your organization's Azure Active Directory. If you do not have the required permissions, then you should ask your Azure administrator to register an application on Azure and then assign the Contributor role (or its equivalent) to it.|
|Pros and cons||The advantage of the app-based method is that it allows you to create a
credential without logging in to the Azure account, as long as you have been
given all the information. This means that if you can't complete app
registration and role assignment steps by yourself, you can ask your Azure
administrator to complete these steps and then provide you with the required
information that can be provided during credential creation.
In addition to providing your Subscription ID and Directory ID, you must provide information for your previously created Azure AD application (its ID and key which allows access to it). CDP stores these credentials.
For more information about applications and service principal objects, refer to Azure docs.