Skip to main content

Add Azure

1. Navigate to Cloud Accounts List

To add a new Azure Subscription, navigate to the Accounts section in the KFC Portal and click on Add Account.

Select the AZURE provider; on the next page provide the account Display Name and Description.

2. Provide Cloud Credentials

Each Azure subscription must have a Service Principal created with assigned permissions required by KFC. For your convenience, we prepared a bash onboarding script that can be used to make all the necessary resources with Azure CLI. Please first provide a Subscription ID in the onboarding form, then download the script by clicking the Azure Onboarding Script link.

The easiest way to run this script is to navigate to the Azure Console and use built-in Cloud Shell console.

As a result script will create a Service Principal named nordcloud-fleet-control and print the credentials. Please copy the output and use it to provide input for the App ID, Password and Tenant fields in the onboarding form. After that, review the account configuration and complete the onboarding process.

info

Cloud credentials are automatically validated when a new account is added. Because of that, it is only possible to add an account with valid credentials. The credentials are most likely invalid if you encounter any error on saving account configuration.

3. Install SSM Agents on Instances

Fleet Control requires all virtual machines to install an AWS SSM Agent. Please refer to the Install SSM Agent section for more details.

4. Update Cloud Credentials

If cloud credentials become invalid after completing the onboarding process, you can easily update them by modifying the cloud account configuration. Please navigate to the cloud account details page and click Edit Credentials. On the right side, you will see the form allowing you to upload a new set of credentials.

5. Using API

Get Onboarding Script
query getAzureOnboardingScript {
  azureOnboardingScript(subscriptionId: "AZURE_SUBSCRIPTION_ID")
}
Add Azure Cloud Account
mutation addAzureCloudAccount {
  createCloudAccount(
    input: {
      name: "ACCOUNT_NAME"
      description: "DESCRIPTION"
      provider: AZURE
      providerId: "SUBSCRIPTION_ID"
      credentials: {
        azure: {
          appId: "SERVICE_PRINCIPAL_ID"
          password: "SERVICE_PRINCIPAL_KEY"
          tenantId: "AZURE_TENANT_ID"
        }
      }
    }
  ) {
    id
    status
  }
}
Update Credentials
mutation updateAccountCredentials {
  updateCloudAccount(
    input: {
      id: "CLOUD_ACCOUNT_ID"
      credentials: {
        azure: {
          appId: "SERVICE_PRINCIPAL_ID"
          password: "SERVICE_PRINCIPAL_KEY"
          tenantId: "AZURE_TENANT_ID"
        }
      }
    }
  ) {
    id
    status
  }
}