Create an Azure User with Minimal Permissions for the Cisco Secure Dynamic Attributes Connector

This task discusses how to set up a service account with minimum permissions to send dynamic attributes to Security Cloud Control. For a list of these attributes, see Azure Connector—About User Permissions and Imported Data.

Before you begin

You must already have a Microsoft Azure account. To set one up, see this page on the Azure documentation site.

Procedure


Step 1

Log in to the Azure Portal as the owner of the subscription.

Step 2

Click Azure Active Directory.

Step 3

Find the instance of Azure Active Directory for the application you want to set up.

Step 4

Click Add > App registration.

Step 5

In the Name field, enter a name to identify this application.

Step 6

Enter other information on this page as required by your organization.

Step 7

Click Register.

Step 8

On the next page, make note of the Client ID (also referred to as application ID) and the tenant ID (also referred to as the directory ID).

A sample follows.

Make note of the application and tenant ID

Step 9

Next to Client Credentials, click Add a certificate or secret.

Step 10

Click New Client Secret.

Step 11

Enter the requested information and click Add.

Step 12

Copy the value of the Value field to the clipboard. This value, and not the Secret ID, is the client secret.

Copy the client secret to the clipboard now because you will not see it again

Step 13

Go back to the main Azure Portal page and click Subscriptions.

Step 14

Click the name of your subscription.

Step 15

Copy the subscription ID to the clipboard.

Copy the subscription ID to the keyboard

Step 16

Click Access Control (IAM).

Step 17

Click Add > Add role assignment.

Step 18

Click Reader and click Next.

Step 19

Click Select Members.

Step 20

On the right side of the page, click the name of the app you registered and click Select.

Associate the role with your app

Step 21

Click Review + Assign and follow the prompts to complete the action.


What to do next

See Create an Azure Connector.