Skip to main content

Azure CLI Setup

This installation method is recommended by Virtana for setting up your Microsoft Azure integration with Virtana Platform. However, you can use the Azure Portal to set up the integration.

About This Task

From a Windows command line shell interface you can obtain your Azure Client ID, Password, Subscription ID, and Tenant ID. All of these values must be provided to set up an Azure integration within Virtana Platform.

Virtana recommends that you enable guest OS diagnostic metrics after configuring the integration, so that you can run Azure cost reports in Cloud Cost Management (CCM).

Prerequisites

  • You must have an administrator role in Azure and in Virtana Platform.

    If you cannot assign yourself the application administrator role, you must request it from your Azure administrator. For more information, see the Microsoft documentation.

  • A command line shell, such as Windows PowerShell, must be available.

  • You must have installed the Azure CLI.

Account Types

  1. Single Subscription:  This is a basic subscription model where all resources are grouped under one subscription. 

  2. Management group: This model involves having several subscriptions within an Azure tenant.

If you manage multiple subscriptions using Azure Management Groups, select the “Management Group” option and provide the Management Group ID in the section below. Otherwise, select the “Single Subscription” option and provide the Subscription ID below.

Tip

If your Azure account is enrolled in an EA (Enterprise Administrator) setup, please ensure the "AO view charges" setting is enabled so assets within subscriptions have access to cost data. See Azure's documentation for how to confirm it's enabled.

Tip

If your Azure account is enrolled with a Cloud Service Provider (CSP), please ensure that the cost visibility policy for Azure Usage charges is set to Yes. This setting grants assets within your subscriptions access to cost data. See Azure's documentation for how to enable the policy to view Azure usage charges.

Single Subscription Steps

  1. Open the WindowsPowerShell (or any command line shell for Windows).

  2. Enter the following command to prompt a browser sign-in request to Azure:

    > az login

  3. Run the following command to get account information:

    > az account show

    Sample output:

    {
      "environmentName": "AzureCloud",
      "homeTenantId": "70e745ff-69d3-74fd-898c-8423d510f4c1",
      "id": "a000b0c0-0e0e-000b-d00c-0000000000f0",     //copy this value
      "isDefault": true,
      "managedByTenants": [],
      "name": "Subscription Name",
      "state": "Enabled",
      "tenantId": "00e000b0-00f0-00ed-00ff-0000d000f0d0",     //copy this value
      "user": {
        "name": "john.nguyen@company.com",
        "type": "user"
       }
     }
  4. In Virtana Platform:

    1. Navigate to Settings>Integrations>Cloud Providers.

    2. Click Add Integration and select the appropriate integration type.

    3. Optional: Enter a descriptive name for the integration instance to identify its purpose.

  5. In the shell, copy the following account values and paste them into the related fields in the Virtana Platform integration configuration form:

    • tenantId: Paste in the Tenant ID field.

    • Id: Paste in the Subscription ID field.

    Keep Virtana Platform open to the integration configuration form.

    Important

    Perform the steps given below from steps 6 to 10 to set up your integration.

  6. In the shell, run the following command to create a reader role for Virtana Platform for this Azure integration instance:

    > az ad sp create-for-rbac --role "Monitoring Reader" --name VirtanaReader --scopes /subscriptions/<subscription-id>

    Substitute <subscription-id> with the "id" value from the output in step 3.

    Important

    Each integration added to Virtana Platform must have its own reader role, and each reader role must be uniquely named, such as VirtanaReader, VirtanaReader-1, etc.

    Sample output:

    {
      "appId": "0e00ceb0-0c0d-0f00-0b00-00f00000c0d0",     //copy this value
      "displayName": "VirtanaReader",
      "name": "http://VirtanaReader",
      "password": "0f00e000-00ef-000b-aa0d-0a000000000c",     //copy this value
      "tenant": "00f000e0-00f0-00fd-000b-0000e000d0f0"
    }

    You need the values for the "appId" and "password" parameters to complete the integration form in Virtana Platform.

  7. In the shell, copy the following account values and paste them into the related fields in the Virtana Platform setup page:

  8. In the shell, run the following command to create a reader and data access role for Virtana Platform for this Azure integration instance:

    az role assignment create --assignee "<app-id>" --role "Reader and Data Access" --scope "/subscriptions/<subscription-id>"

    Substitute <subscription-id> with the "id" value from the output in step 3. Substitute <app-id> with the "appId" value from the output in step 6.

    Sample output:

    {
      "canDelegate": null,
      "condition": null,
      "conditionVersion": null,
      "description": null,
      "id": "/subscriptions/5f0bc2a9-6d58-494f-9fc2-88aa97d3cd89/providers/Microsoft.Authorization/roleAssignments/9011f8fb-8605-4906-9923-d4483b61b07c",
      "name": "9011f8fb-8605-4906-9923-d4483b61b07c",
      "principalId": "900a5559-cec1-4f1c-956d-447238309752",
      "principalType": "ServicePrincipal",
      "roleDefinitionId": "/subscriptions/5f0bc2a9-6d58-494f-9fc2-88aa97d3cd89/providers/Microsoft.Authorization/roleDefinitions/c12c1c16-33a1-487b-954d-41c89c60f349",
      "scope": "/subscriptions/5f0bc2a9-6d58-494f-9fc2-88aa97d3cd89",
      "type": "Microsoft.Authorization/roleAssignments"
    }
  9. In Virtana Platform, click Save and close the setup form.

    The new integration is displayed in the Cloud Provider Integrations list.

  10. In Virtana Platform, click Save and close the setup form. The new integration is displayed in the Cloud Provider Integrations list.