Create an Azure User with Minimal Permissions for the Cisco Secure Dynamic Attributes Connector
This task discusses how to set up a service account with minimum permissions to send dynamic attributes to Security Cloud Control. For a list of these attributes, see Azure Connector—About User Permissions and Imported Data.
Before you begin
You must already have a Microsoft Azure account. To set one up, see this page on the Azure documentation site.
Procedure
1. Log in to the Azure Portal as the owner of the subscription.
2. Click Azure Active Directory.
3. Find the instance of Azure Active Directory for the application you want to set up.
4. Click .
5. In the Name field, enter a name to identify this application.
6. Enter other information on this page as required by your organization.
7. Click Register.
8. On the next page, make note of the Client ID (also referred to as application ID) and the tenant ID (also referred to as the directory ID). A sample follows.
9. Next to Client Credentials, click Add a certificate or secret.
10. Click New Client Secret.
11. Enter the requested information and click Add.
12. Copy the value of the Value field to the clipboard. This value, and not the Secret ID, is the client secret.
13. Copy the Secret ID to the clipboard because you'll need it to set up the Azure connector.
14. Go back to the main Azure Portal page and click Subscriptions.
15. Click the name of your subscription.
16. Copy the subscription ID to the clipboard.
17. Click Access Control (IAM).
18. Click .
19. Click Reader and click Next.
20. Click Select Members.
21. On the right side of the page, click the name of the app you registered and click Select.
22. Click Review + Assign and follow the prompts to complete the action.
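
One way to confirm afterward that the registered app holds only the Reader role assigned in step 19, as an added example that is not part of the Cisco documentation: it audits the JSON printed by `az role assignment list --assignee <client-id> --all -o json`. The function name, the sample data and the placeholder IDs are assumptions made for illustration.

```python
import json

# Constructed sample in the shape printed by
#   az role assignment list --assignee <client-id> --all -o json
# All IDs and names are placeholders, not values from a real tenant.
SUB = "00000000-0000-0000-0000-000000000000"
SAMPLE = json.dumps([
    {"principalType": "ServicePrincipal", "roleDefinitionName": "Reader",
     "scope": f"/subscriptions/{SUB}"},
    {"principalType": "ServicePrincipal", "roleDefinitionName": "Contributor",
     "scope": f"/subscriptions/{SUB}/resourceGroups/rg-app"},
])


def audit_assignments(raw_json, subscription_id, allowed_role="Reader"):
    """Return a list of findings. An empty list means the app holds exactly
    the allowed role at subscription scope and nothing else."""
    # Azure resource IDs are case-insensitive, so compare in lower case.
    expected = f"/subscriptions/{subscription_id}".lower()
    findings, has_expected = [], False
    for entry in json.loads(raw_json):
        role = entry.get("roleDefinitionName", "")
        scope = entry.get("scope", "").rstrip("/").lower()
        if role == allowed_role and scope == expected:
            has_expected = True
        elif role == allowed_role and scope.startswith(expected + "/"):
            # Same role on a resource group or resource: harmless but redundant.
            findings.append(f"redundant: {role} at narrower scope {scope}")
        else:
            # Any other role, or Reader above the subscription (management
            # group or root), is more than the connector needs.
            findings.append(f"excess: {role} at {scope or '/'}")
    if not has_expected:
        findings.insert(0, f"missing: {allowed_role} at {expected}")
    return findings


if __name__ == "__main__":
    for line in audit_assignments(SAMPLE, SUB) or ["ok: Reader only"]:
        print(line)
```
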