App-based credential on Azure

Creating a credential is a prerequisite for creating an environment. On Azure, you can create a credential using the app-based credential.

When working with an Azure environment, you can use the app-based credential to authenticate your Azure account and obtain authorization to create resources on your behalf. The app-based credential allows you to manually configure the service principal created within the Azure Active Directory.

The following table provides a list of app-based cloud credential options:

App-based
Overview of steps Manually create an application, assign a role to it, and then provide the application information as part of credential creation.
Required role 1. The Owner built-in Azure role

2. The Application Developer role in Azure Active Directory. For more information, refer to Create a service principal: Required permissions in Azure docs.

Requirements You must be able to manage your organization's Azure Active Directory. If you do not have the required permissions, then you should ask your Azure administrator to register an application on Azure and then assign the Contributor role (or its equivalent) to it.
Pros and cons The advantage of the app-based method is that it allows you to create a credential without logging in to the Azure account, as long as you have been given all the information. This means that if you can't complete app registration and role assignment steps by yourself, you can ask your Azure administrator to complete these steps and then provide you with the required information that can be provided during credential creation.

In addition to providing your Subscription ID and Directory ID, you must provide information for your previously created Azure AD application (its ID and key which allows access to it). CDP stores these credentials.

For more information about applications and service principal objects, refer to Azure docs.