resilien
/
terraform
2
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

Update documentation for AzureRM (#12129)

This commit is contained in:
Gerald Goh 2017-02-21 18:34:49 +08:00 committed by Paul Stack
parent 2fce519f57
commit a5010f8ca5
1 changed files with 24 additions and 13 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

37
website/source/docs/providers/azurerm/index.html.markdown
View File

@ -129,25 +129,36 @@ To grant permissions to the App Registration to your subscription, you now must
- Type in the name of the application added in the search box. You need to type this as it won't be shown in the user list. Click on the appropriate user in the list and then click **Select**
- Click **OK** in the **Add Access** panel. The changes will now be saved
To create using azure cli:
`az` is using the new azure 2.0 cli using python rather than the old nodejs version. You might be able to replace `az` with `azure`.
```
az login
az account set --name="${SUBSCRIPTION_ID}"
az ad sp create-for-rbac --role="Contributor" --scopes="/subscriptions/${SUBSCRIPTION_ID}"
```
## To create using [Azure CLI](https://github.com/Azure/azure-cli):
```shell
az login
az account set --subscription="${SUBSCRIPTION_ID}"
az ad sp create-for-rbac --role="Contributor" --scopes="/subscriptions/${SUBSCRIPTION_ID}"
```
This will output your `client_id`, `client_secret` (password), `sp_name`, and `tenant`. The sp_name or client_id may be used for the `servicePrincipalProfile.servicePrincipalClientId` and the `client_secret` is used for `servicePrincipalProfile.servicePrincipalClientSecret`.
Confirm your service principal by opening a new shell and run the following commands substituting in `sp_name`, `client_secret`, and `tenant`:
```
az login --service-principal -u SPNAME -p CLIENTSECRET --tenant TENANT
az vm list-sizes --location westus
```
This may be out of date and was based on: [https://github.com/Azure/acs-engine](https://github.com/Azure/acs-engine/blob/417d0d3655aeab0fee784ef6c623ac8333ebb936/docs/serviceprincipal.md#creating-a-service-principal)
```shell
az login --service-principal -u NAME -p PASSWORD --tenant TENANT
az vm list-sizes --location westus
```
Microsoft have a more complete guide in the Azure documentation: [Create Active Directory application and service principle](https://azure.microsoft.com/en-us/documentation/articles/resource-group-create-service-principal-portal/)
* **With the legacy [Azure XPlat CLI](https://github.com/Azure/azure-xplat-cli)**
Instructions: ["Use Azure CLI to create a service principal to access resources"](https://azure.microsoft.com/en-us/documentation/articles/resource-group-authenticate-service-principal-cli/)
* **With [PowerShell](https://azure.microsoft.com/en-us/documentation/articles/resource-group-authenticate-service-principal/)**
Instructions: ["Use Azure PowerShell to create a service principal to access resources"](https://azure.microsoft.com/en-us/documentation/articles/resource-group-authenticate-service-principal/)
* **With the [Legacy Portal](https://azure.microsoft.com/en-us/documentation/articles/resource-group-create-service-principal-portal/)**
Instructions: ["Use portal to create Active Directory application and service principal that can access resources"](https://azure.microsoft.com/en-us/documentation/articles/resource-group-create-service-principal-portal/)
This may be out of date and was based on: [https://github.com/Azure/acs-engine](https://github.com/Azure/acs-engine/blob/master/docs/serviceprincipal.md)
## Testing