Connect Azure account
Securely connect your Microsoft Azure account to Sedai's autonomous cloud platform. Optimize and automate your cloud infrastructure with step-by-step instructions.
Last updated
Was this helpful?
Securely connect your Microsoft Azure account to Sedai's autonomous cloud platform. Optimize and automate your cloud infrastructure with step-by-step instructions.
Last updated
Was this helpful?
If you do not have access to create a subscription in Azure, we recommend raising a ticket with your security team.
Summary: You can integrate your Azure virtual machines (VMs) either by creating a new application in your account or via multi-tenant service principal. These steps need to be repeated for each Azure account you want to connect to Sedai.
Sedai currently supports Azure Virtual Machines, Managed Disks and Azure Kubernetes Service (AKS).
Sedai individually connects to Kubernetes clusters, so AKS clusters are displayed independent of their corresponding Azure account. To connect your AKS workloads, we recommend deploying Sedai's Smart Agent within your cluster, but you can also setup with agentless access.
Note: In Sedai, each Subscription ID is treated as a unique Account. Therefore, you cannot add multiple Sedai accounts with identical Subscription ID and Tenant ID. If you have multiple resource groups under a single Subscription ID that require monitoring, adding that Subscription ID as a single Sedai account will meet your needs. This holds true while using Azure client credentials or Multi tenant service principal.
Log in to your Azure portal and setup access using one of the following options:
Azure Client Credentials: Create a new application and provide the following information to connect to Sedai: β Subscription ID
β Tenant ID β Client ID β Client Credentials
Multitenant Service Principal: Use an application created in Sedaiβs Azure account. Sedai will use your Client ID and Client Credentials from Sedaiβs Azure account to access your APIs. You will need to create a new service principal using Sedaiβs application and provide the following information to connect to Sedai: β Subscription ID β Tenant ID
Once completed, navigate to https://yourcompany.sedai.app and click Connect Cloud to integrate your account within Sedai.
In this approach, you will need to create and register a new single tenant application. (Note: Redirect URL is not required).
Client & Tenant IDs: Once application is created, go to its Overview page and copy and save the Client ID and Tenant ID; you will paste these into Sedaiβs UI momentarily.
Subscription ID: Navigate to Subscriptions and copy the Subscription ID.
Secret Key: Navigate to your new application and go to Certificates & secrets. Generate a new secret key and copy the value.
Role Assignment at Subscription Level: Next, navigate to Access control and create a new role assignment and select Monitor Reader for the Job function role. Assign access to User, group, or service principal and click Select members to attach your newly created application to the assignment.
Role Assignment at Resource Group Level. Next, navigate to Access control under the required resource group and create a new role assignment and select Monitor Reader for the Job function role. Assign access to User, group, or service principal and click Select members to attach your newly created application to the assignment. Add role assignment in resource group Select Monitor Reader
Once complete, log in to your Sedai account and navigate to Settings > Integrations. Select Add Integration and follow the prompts to connect your Azure account.
Since you can add multiple Azure accounts to Sedai, you will be asked to give your integration a unique nickname β this helps you easily identify resources within Sedai.
Click the Test Connection button to verify your connection works. If the connection fails, please double-check that you've entered the correct information in each field. If the connection is successful, click Next to connect a monitoring data source.
If you're interested in using this approach, contact support@sedai.io to request an application hosted in Sedai's Azure account.
Create Service Principal: Contact our team to request an Application/Client ID.
Role Assignment: Navigate to Access control and create a new role assignment and select Reader for the Job function role. Assign access to User, group, or service principal and click Select members to attach Sedaiβs application to the assignment.
Share Subscription & Tenant IDs with Sedai Team: Once you have created the new service principal and configured role assignment, copy the Subscription ID and Tenant ID and send them to our team who will complete setup within your Sedai environment.