- Access the link to access the Azure Portal: https://portal.azure.com/#blade/Microsoft_AAD_IAM/ActiveDirectoryMenuBlade/RegisteredApps
- Click on New registration
- in the field “name” set the 1p-agent identification, according to the image below and then, click on create.
- in the field “name” set the 1p-agent identification, according to the image below and then, click on create.
- Click on Certificates & secrets in the sidebar
- Then New client secret
- In the Description field place the 1p-agent-secret identification
- Set it to expire in 24 months, then click on Add to add.
- After completing this step, save the identification presented in the value field, this information will be used later to register the cloud in 1P.
This information is cleared as soon as you switch screens. If you exit and do not copy the value identification, you will have to redo the process until now.
- Click on Overview in the sidebar
Copy the information in the Application (client) ID and Directory (tenant) ID field.
Keep these credentials together with the information saved in previous steps. They will also be used in the cloud configuration in One Platform.
In the portal search bar look for Subscriptions and click on it, as in the image below.
Copy the information presented in the subscriptionsID field and keep it saved in the clipboard. Then click on the link in the subscription Name field
In the subscription Name area access Access Control (IAM) in the sidebar, and then find the Create a custom role field and click on ADD
In the options presented in the upper bar, click on JSON, edit, and insert the code below.
For the code to run successfully, you should enter the subscription ID copied in the previous in the highlighted area in the script below.
The subscription ID must be inserted in the sixth line, replacing all the information PASTE THE SUBSCRIPTION ID HERE.
{ "properties": { "roleName": "1p-agent-role", "description": "1p role", "assignableScopes": [ "/subscriptions/COLAR O SUBSCRIPTION ID AQUI" ], "permissions": [ { "actions": [ "Microsoft.Compute/*/read", "Microsoft.Compute/availabilitySets/*", "Microsoft.Compute/virtualMachines/*", "Microsoft.Compute/disks/*", "Microsoft.Network/*/read", "Microsoft.Network/publicIPAddresses/*", "Microsoft.Network/networkInterfaces/*", "Microsoft.Network/networkSecurityGroups/*", "Microsoft.Network/networkInterfaces/write", "Microsoft.Network/virtualNetworks/subnets/join/action", "Microsoft.Storage/storageAccounts/*", "Microsoft.Resources/*/read", "Microsoft.Resourcehealth/healthevent/*", "Microsoft.Resources/tags/*", "Microsoft.Resources/marketplace/purchase/*", "Microsoft.Resources/subscriptions/resourceGroups/*" ], "notActions": [], "dataActions": [], "notDataActions": [] } ] } }- Click on Save
- Click on next, and then on create to generate the new role.
Still inside the Access Control (IAM) panel, click on ADD in the upperbar, then Add role assignments.
In the Role field, set the 1p-agent-role identification, in Select enter 1p-agent, then click on Save.
After these steps, the Azure user will be created and ready to move to One Platform cloud configuration.
