Please note this article applies only to BYO Azure clouds, and not Azure from Telstra. |
You need to follow the steps documented below if you would like Cloud Sight to access BYO Azure accounts (clouds you've bought from a provider other than Telstra).
This should be done after you've completed the process of selecting your Azure AD tenant. The 'Telstra Cloud Sight' service principal mentioned below is only added to your tenant during that process.
Giving Cloud Sight reader access to your Azure subscription
1. Log in to the Azure portal. You'll need to log in with administrative permissions to complete this process.
2. Select 'Subscriptions' from the home page. You'll arrive at the Subscriptions page where all your Azure subscriptions can be seen. These are the clouds you can add to Cloud Sight.
3. Select the subscription you'd like to use on Cloud Sight.
4. Select Access control (IAM) from the navigation pane on the left.
5. Select the Role assignments tab. This shows you the roles assigned to this subscription.
6. Click on the '+Add' button above the tabs and choose 'Add role assignment' from the drop-down list. You'll arrive at the Add role assignment page.
7. From the 'Role' dropdown list, select the 'Reader' role.
8. From the 'Select' list, choose the 'Telstra Cloud Sight' service principal. You can also type in the 'Select' field to search the directory for display names.
9. Click on 'Save' to assign the role.
It may take a few moments to assign a 'Reader' role to the subscription.
Once you've completed these steps, return to the cloud details page and hit the check status button if an error message is displayed.