Azure Registered Applications: Difference between revisions

From NovaOrdis Knowledge Base
Jump to navigation Jump to search
(Created page with "=External= * https://docs.microsoft.com/en-us/azure/active-directory/develop/developer-glossary#application-registration * https://docs.microsoft.com/en-us/azure/active-direct...")
 
Line 33: Line 33:
}
}
</syntaxhighlight>
</syntaxhighlight>
* Assign the role to the app registration. Subscriptions → subscription in question → Role Assignments → Add → Role: Contributor, Assign access to: User, group, or service principal, Select: filter by application registration name.

Revision as of 01:39, 21 August 2021

External

Internal

Overview

Accessible from Azure console at https://portal.azure.com/#blade/Microsoft_AAD_RegisteredApps/ApplicationsListBlade

Application ID

This surfaces as the an access key credential.

Client Secret

A secret string that the application uses to prove its identity when requesting a token. Also can be referred to as "application password".

Configure Role to allow access Microsoft Azure Resources

  • Create custom RBAC role. Subscriptions → subscription in question → Access control (IAM) → + Add → Add Custom Role → JSON:
{
    "properties": {
        "roleName": "integration-testing",
        "description": "",
        "assignableScopes": [
            "/subscriptions/c23f02b9-3dff-48a8-bde9-1508d5ab84ab"
        ],
        "permissions": [
            {
                "actions": [
					"Microsoft.Network/networkSecurityGroups/read", 
					"Microsoft.Network/publicIPAddresses/read"
					],
                "notActions": [],
                "dataActions": [],
                "notDataActions": []
            }
        ]
    }
}
  • Assign the role to the app registration. Subscriptions → subscription in question → Role Assignments → Add → Role: Contributor, Assign access to: User, group, or service principal, Select: filter by application registration name.