Connecting Lightwing to Azure
To connect Azure, you need to obtain following credentials from your Azure account.
- Subscription id
- Client id (aka application id)
- Tenant id (aka directory id)
- Client secret
In case if you are not familiar with account hierarchy in Azure :
Documentation assumes that you already have resources deployed in the above fashion.
Getting Subscription id
- Login to your Azure portal
- Navigate to subscriptions
- Select the
Subscription IDthat you are using. Eg:
Getting client id and tenant id
You need to register Lightwing as a new App within App registrations page.
Once you register an app, clicking on the Lightwing app name will give you client id and tenant id.
Getting client secret
- Click on the App name from the App registrations page
- Click on “Certificates & secrets” from the left menu
- Click on
New client secret
- Once created copy the
Value. This is the
Providing access role
Now that you have created Lightwing App, you need to give permissions to access the subscription. Lightwing needs
Contributor permission to manage your resources. Hence you can either grant
Contributor role or all of the following granular roles to Lightwing.
Virtual Machine Contributor
Storage Account Contributor
Assigning a role
- Navigate to subscriptions page
- Choose the subscription
- Click on
Access control (IAM)
Add a role assignment
- Choose the role you wish to grant.
- Choose Assign access to as
Azure AD user, group or service principal
- Type your app name (eg: Lightwing)
- Save the changes
Note : In case you are assigning 3 granular roles (Virtual Machine Contributor, Network Contributor & Storage Account Contributor), you will need to repeat steps 4 to 8 for each of the three roles independently.
Setting up Azure on Lightwing
Open up lightwing console and follow the below instructions.
- Login to lightwing and click on “Cloud accounts”
- Click on “Add account” and choose Azure among the list.
- Enter subscription id, client id, tenant id and client secret
- Click “Next” and lightwing will successfully connect to your Azure account