Preparing Azure
This page explains how to set up an Azure subscription so that ACTIVATE can manage your Azure infrastructure, clusters, billing, storage, and usage data.
The steps included on this page should be completed by a cloud engineer in your organization.
Azure Subscription
We recommend creating a new Azure subscription for the ACTIVATE platform, which will allow you to keep your existing Azure subscription separate from the platform and make it easier to manage billing and usage data. This will also ensure the principle of least privilege, as ACTIVATE will only have access to the resources it needs to manage.
To learn more about Azure subscriptions, please see the Azure documentation.
Setting Up Azure Credentials
To get started quickly, you can create a new service principal and add the Owner role. This will allow ACTIVATE to manage all resources in your subscription. If you want to limit the scope of the service principal, you can create a custom role and assign it to the service principal.
Creating a Client Secret
ACTIVATE uses Azure client secrets to authenticate with Azure. You can create a new client secret by following the steps in the Azure documentation.
Azure Access Policies
pw-billing
Assign the following predefined roles to your application in order for ACTIVATE to provision billing infrastructure and access true cost data.
Owner
Storage Blob Data Owner