Creating an Azure Service Account for Cirrus Data Cloud

NOTE: To follow this guide, you will need the following roles or equivalent higher roles:
User Access Administrator (Subscription Level IAM)
Application Administrator (Directory Level IAM)

Register an Application for Cirrus Data Cloud

Go to 'App Registrations'
Name and Create the application
On the Overview page, copy the following values into a document:
Application (client) ID
Directory (tenant) ID
On the App page, go to 'Certificates & Secrets'


Click 'New Client Secret'
Copy the value generated somewhere secure


Create a Custom Role for Cirrus Data Cloud

Under the subscription to be used for Cirrus Data Cloud, first go to the IAM page and click 'Create Custom Rule'


Add a name and description and verify that 'create from scratch' is selected
On the permissions tab, add the following permissions:
Microsoft.Authorization/permissions/read
Microsoft.Compute/virtualMachines/read
Microsoft.Compute/virtualMachines/write
Microsoft.Compute/disks/read
Microsoft.Compute/disk/write
Microsoft.Network/networkInterfaces/join/action
Click 'review+create'


Assign the Custom Role to the Application

From the IAM page, click 'Role Assignments'
Add > Add Role Assignment
Select the new Custom Role
Type the name of the Application, then select it
Click Save
Was this article helpful?
Cancel
Thank you!