Cloudaware is a comprehensive SaaS based, modular IT Management platform. While all of Cloudaware capabilities are applicable to non-cloud use cases, platform is specifically designed to address the needs of customers who rely extensively on cloud computing infrastructure from Amazon Web Services, Microsoft Azure and Google Compute Cloud.
I then wanted to link my Azure free subscription on cloudaware.
- Select App registrations → +New registration.
- Insert the following information for your Azure Application: cloudaware-api-access-test
- Supported account types: Accounts in any organizational directory (Any Azure AD directory - Multitenant)
- Redirect URL: Web - https://cloudaware.com
- Configure Premissions:
- Select the application that you have just created
- Select 'API permissions'. Click +Add a permission.
- Select the tab 'Microsoft APIs'. Select 'Azure Service Management'.
Select 'Delegated permissions' and check the box 'user_impersonation.
Access Azure Service Management as organization users (preview)'. Click Add permissions.
Select Microsoft Graph.
a.Select APPLICATION / Read directory data
b.Select DELEGATED / Read directory data, Sign in and read user profile (as shown in the screenshot below)
Click +Add a permission to choose one more API: Azure Active Directory Graph.
a.Select APPLICATION / Read directory data
b.Select DELEGATED / Read directory data, Sign in and read user profile (as shown in the screenshot below)
c.Having added APIs, click Grant admin consent for Default Directory to populate them.
Configure Keys
Select 'Certificates & secrets' → +New client secret
Enter the description: ca-api-key
Set the EXPIRES to: Never
Click: Add
Save the secret value in a secure location.
Then continue to follow https://docs.cloudaware.com/#_azure_start_guide
Overall it was a good exercise on RBAC and IAM setup for external application.
No comments:
Post a Comment