Versions Compared

Version Old Version 17 New Version 18
Changes made by

MS (Unlicensed)

MS (Unlicensed)

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.
Table of Contents

...

You can add one set of credentials from a subscription to one Abiquo enterprise only.

  1. Create an Azure subscription.

    1. You may require separate credentials for some groups of regions, for example, regions in China.

  2. Obtain details of the subscription and create an Application with the following Azure attributes:

    1. Subscription ID

    2. Application (client) ID

    3. Directory (tenant) ID

    4. Application password

  3. Follow this guide to obtain give consent for the Application to work with 

    1. AccessToken

    2. RefreshToken

Note

Abiquo provides these instructions as a guide only and we update them occasionally. 

Abiquo recommends that customers follow the instructions of the cloud provider, for example, at the time of writing for Azure:

...

To obtain details of your Azure subscription, do the following steps.

  1. Log in to the Azure portal

  2. In the Home view, under Azure services, click Subscriptions. Or in the search box in the top menu bar, enter Subscriptions. Then select Subscriptions

...

  1. Image Added

  2. Click on your subscription

    (info) If the subscription does not display, check that you have selected the correct directory. Click on the directory name in the top right corner. From here you can switch directory

...

  1. Image Added

  2. Save the Subscription ID to enter in the Abiquo credentials.

  3. If you purchased the subscription directly from Azure, you can also save the Offer ID for the pricing credentials.

Create an ARM application using Azure portal

...

To create an ARM application using the Azure Portal and obtain details of the application, do these steps.

  1. Log in to the Azure portal

  2. In the Home view, under Azure services, click Azure Active Directory. Or in the search box, enter Azure Active Directory. Select Azure Active Directory

...

  1. Image Added

  2. On the left, click App registrations

  3. Click New registration

...

  1. Image Added

  2. To register the application, enter a Name, select the Supported account types, and enter a URL. If you know the URI of the partner consent service, enter it now. Or you can enter any URL and edit the application and change this value later. Click Register

...

  1. Image Added

  2. Save the Application (client) ID and the Directory (tenant) ID, because you will need to configure them in Abiquo. Then click Certificates & secrets

...

  1. Image Added

  2. To configure the password for the application, click New client secret, which will open the Add a client secret section. Enter a Description and an Expiry duration, then click Add

...

  1. Image Added

    The Azure portal will display the application password ONCE ONLY. You must use this password in Abiquo, so make sure to save it, because Azure will not display it again.

...

  1. Image Added

  2. Go to the Subscriptions menu, select the subscription you want to associate the application with, and add a new permission for it with these steps.

    1. Select Access control (IAM)

    2. Click Add

    3. Click Add role assignment

    4. In the dialog, select the Contributor role, and in the Select box, enter the name of the application. Then click Save

...

    1. Image Added

  2. Go to the Subscriptions menu again and select Resource providers

    1. Search for the Microsoft.Compute provider and click Register to add it for the subscription if it is not already added

    2. Search for the Microsoft.Network provider and click Register to add it for the subscription if it is not already added

Assign permissions to the App

...

For each of the permissions:

  1. Click + Add

  2. Click the (tick) Grant for … button

Category

Permission

Azure Service Management

user_impersonation

Microsoft Graph

Application.ReadWrite.All

RoleManagement.ReadWrite.Directory

Microsoft Partner

user_impersonation

Microsoft Parter Center

user_impersonation

...

To create your own server to grant consent for the use of your Azure credentials, follow the instructions in the Azure documentation. For general instructions, see https://docs.microsoft.com/en-us/partner-center/develop/partner-center-authentication#app--user-authentication and for Java instructions: https://docs.microsoft.com/en-us/partner-center/develop/partner-center-authentication#java-appuser-authentication.

To complete the configuration:

  1. Log in to the Azure portal

  2. Edit your Azure application

  3. In the Redirect URI, enter the URL of the partner consent service.

Add the Azure ARM compute credentials to Abiquo

...

To connect Abiquo to your Azure ARM account, add the Azure ARM credentials obtained in the above steps to Abiquo, with the following steps.

  1. Log in to Abiquo

  2. Go to Users view

  3. Edit the enterprise and go to Credentials → Public

  4. Select the Azure ARM provider, and enter the credentials in the following format.

  • Identity: 

    Code Block
    subscription-id#app-id#dir-id

    This means you should enter the Subscription ID, Application (client) ID, and Directory (tenant) ID, as a single string and separate each element with a '#'. For example: 

    Code Block
    566058dd-80bc-4ccc-8d6e-e9ac00c4b4a1#8927a710-4f4d-4d11-811c-94c36e9b2c3f#fbb96b71-f92c-4f78-acf7-cd88bdee36b1

  • Credential: Enter the password for the Application.

...