Azure Subscription Setup

Overview

This document outlines the steps required to integrate your Azure subscriptions with OpenGovernance by creating a Service Principal with read-only access. This integration enables OpenGovernance to provide visibility and governance capabilities over your Azure resources.

Prerequisites

Before you begin, ensure the following prerequisites are met:

  • Azure CLI: Installed and authenticated on your machine.

  • OpenGovernance: Installed and running.

    • Refer to the OpenGovernance installation documentation if needed.

Steps

1. Clone the Integration Scripts Repository

The integration scripts automate the creation of the Service Principal and role assignment.

# Clone the repository
git clone https://github.com/opengovern/integration-automation-scripts.git

# Navigate to the Azure directory
cd integration-automation-scripts/azure-subscriptions

2. Run the Reader Role Assignment Script

Execute the script to create a Service Principal (SPN) and assign it the 'Reader' role across all your Azure subscriptions.

# Make the script executable (if not already)
chmod +x assign_reader_role.sh

# Run the script
./assign_reader_role.sh

3. Setup OpenGovernance

When the script finishes, it outputs the details required for configuring OpenGovernance:

Tenant ID, Application (Client) ID, Object ID, Client Secret

Use the credentials obtained to configure Azure integration within OpenGovernance.

  • Open your web browser and navigate to the OpenGovernance portal.

  • Log in with your administrator credentials.

  • Navigate to Integrations -> Azure.

  • Select Add new Integration -> New SPN.

  • Enter the required details.
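To confirm that the Service Principal created in step 2 holds only the 'Reader' role and that no subscription was missed, the check below audits its role assignments. It is an added example, not part of the OpenGovernance scripts; the function name audit_spn_roles and the file names assignments.tsv and subscriptions.txt are hypothetical, and APP_ID stands for the Application (Client) ID printed by the script.

```shell
#!/usr/bin/env bash
# Added example (not from the OpenGovernance repository).
# Inputs are the tab-separated outputs of two existing az commands:
#   az role assignment list --assignee "$APP_ID" --all \
#      --query "[].[roleDefinitionName, scope]" -o tsv  > assignments.tsv
#   az account list --query "[].id" -o tsv              > subscriptions.txt
# Assumption: the script assigns Reader at subscription scope, so a Reader
# assignment inherited from a management group is not counted as coverage.

# audit_spn_roles ASSIGNMENTS_TSV SUBSCRIPTIONS_TXT
# Prints one finding per line and returns 1 if there is any finding, else 0.
audit_spn_roles() {
    awk -F '\t' '
        NF == 0 { next }                          # ignore blank lines
        FILENAME == ARGV[1] {                     # role<TAB>scope records
            if ($1 != "Reader") {                 # anything beyond read-only
                print "EXCESS_ROLE\t" $1 "\t" $2
                bad = 1
            } else {
                n = split($2, part, "/")          # "/subscriptions/<id>" -> 3 parts
                if (n == 3 && tolower(part[2]) == "subscriptions")
                    covered[tolower(part[3])] = 1
            }
            next
        }
        !(tolower($1) in covered) {               # subscription without Reader
            print "MISSING_READER\t" $1
            bad = 1
        }
        END { exit bad + 0 }
    ' "$1" "$2"
}
```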
