Add Microsoft Azure Cloud Provider
Connect the Microsoft Azure cloud provider where you will deploy your services using Harness.
You add cloud providers to your Harness Account and then reference them when defining deployment environments.
In this topic:
- Before You Begin
- Visual Summary
- Step 1: Add the Cloud Provider
- Step 2: Gather the Required Information
- Review: Permissions
- Step 3: Client ID
- Step 4: Tenant ID
- Step 5: Select Encrypted Key
Before You Begin
- See Harness Key Concepts.
Here's an overview of the Microsoft Azure Cloud Provider settings.
Step 1: Add the Cloud Provider
To add a cloud provider to your Harness account, do the following:
- Click Setup, and then click Cloud Providers.
- Click Add Cloud Provider and select Microsoft Azure.
The Add Microsoft Azure Cloud Provider panel appears.
Step 2: Gather the Required Information
In Microsoft Azure, you can find the information you need in the App registration Overview page:
Make sure the following permissions are assigned to the roles.
- For Azure Container Repository (ACR): The Client ID (Application ID) must be assigned to a role that has the Reader permission on the resource group of the ACR container. This is the minimum requirement.
- For Azure Kubernetes Services (AKS): The Client ID (Application ID) must be assigned to a role that has the Owner permission on the AKS cluster. If you are using the Kubernetes Cloud Provider and the Kubernetes Delegate in the AKS cluster, then AKS permissions are not required at all. This is recommended.
Step 3: Client ID
This is the Client/Application ID for the Azure app registration you are using. It is found in the Azure Active Directory App registrations. For more information, see Quickstart: Register an app with the Azure Active Directory v1.0 endpoint from Microsoft.
To access resources in your Azure subscription, you must assign the Azure App registration using this Client ID to a role in that subscription. Later, when you set up an Azure service infrastructure in a Harness environment, you will select a subscription.
If the Azure App registration using this Client ID is not assigned a role in a subscription, no subscriptions will be available.For more information, see Assign the application to a role and Use the portal to create an Azure AD application and service principal that can access resources from Microsoft.
Step 4: Tenant ID
The Tenant ID is the ID of the Azure Active Directory (AAD) in which you created your application. This is also called the Directory ID. For more information, see Get tenant ID and Use the portal to create an Azure AD application and service principal that can access resources from Azure.
Step 5: Select Encrypted Key
This is the authentication key for your application. This is found in Azure Active Directory, App Registrations. Click the App name. Click Certificates & secrets, and then click New client secret.
You cannot view existing secret values, but you can create a new key. For more information, see Create a new application secret from Azure.