Azure Active Directory (AD) Applications are identities that you create and control within your own AD tenant and can be granted privileges on the resources that you specify. These applications have their own login credentials and are intended to be used in code, such as in Cloud Ctrl.
Cloud Ctrl using the AD Applications to connect to the Azure Resource Manager and gather metadata and metrics from your subscriptions.
For all these steps Microsoft have published documentation covering the process in the Azure Portal.
Create an Azure AD Application
First create the Application in your Azure AD tenant.
For the name we suggest using “Cloud Ctrl” so it can easily be identified.
For the redirect URL we suggest using https://portal.cloudctrl.com.au
Assign roles to the application
You will need to grant a READ role assignment to each subscription you wish to connect to Cloud Ctrl.
Get the Application credentials for Cloud Ctrl
Cloud Ctrl needs three pieces of information to connect to your subscriptions using the application, the tenant and application IDs and the application secret.
Get the tenant and application ID
Get the application secret
When generating the new client secret you can select an expiry period, we recommend selecting “Never” to prevent downtime in the link to Cloud Ctrl.