Skip to end of metadata
Go to start of metadata

Azure Resource Manager

To enable support for Azure, Scalr needs to get access to the Azure Resource Manager API. First step is to enable access through the Azure Dashboard and then add credentials to the Scalr configuration.

Scalr will access Azure Resource Manager on behalf of the user to query subscriptions and configure RBAC access. 

  1. Login to https://portal.azure.com/ using Microsoft Live account.
  2. Click on Active directory in the left menu.
  3. Make sure you are in your Default directory (or add a new one).


  4. Click on App Registrations in the left menu.
  5. Click on New Application Registration.



  6. Enter the name Scalr :


  7. Enter the following details:
    1. SIGN-ON URL: http://your-scalr-domain.com/public/xAzureToken (Make sure to replace your-scalr-domain.com with the value of routing[:endpoint_host] that you have in your scalr-server.rb config file. It should be the IP or Domain that you use to access the Scalr Web UI.)
    2. Save
  8. Click on the new application on the left
  9. Ensure the APP ID URI is configured correctly
    1. APP ID URI: http://domain.onmicrosoft.com/scalr (make sure that you replace domain.onmicrosoft.com with your actual Active Directory domain which can be found under "Domains" in the relevant directory - the same one from step 3).
  10. Under keys, create a new key and select how many years you want this key to last. Be sure to save your Secret Key.



  11. Under the Required Permissions section, locate Windows Azure Active Directory.
  12. Under Delegated Permissions select Sign in and read user profile permission
     

  13. Click on Add permission.
  14. Click on Windows Azure Service Management API and Select.


  15. Make sure that Access Azure Service Management permission is set on Delegated Permissions for Windows Azure Service Management API.


  16. After clicking on Save, you should be able to locate the CLIENT-ID (Application ID) under the registered app, an should have your SECRET-KEY from step 10.


  17. Last step is to enter the CLIENT-ID and SECRET-KEY into the Scalr configuration file (/etc/scalr-server/scalr-server.rb).

    app[:configuration] = {  
      :scalr => {
        :azure => {
          :app_client_id => 'a85a9c74-94ec-4adc-9bca-ee4cfc613556',
          :app_secret_key => 'bG9/OwyRJoCvXa3XpyLdlX5E1OzBcjZ7K0F9TlaB3vQ='     
        }
      }
    }
  18. Tell Scalr to re-read the configuration file by running: scalr-server-ctl reconfigure


Note: Scalr is limited to one Azure AD, but may be configured with as many subscriptions as necessary.  Each subscription would be configured as individual Cloud Credentials and each Environment may have one subscription (Cloud Credential) Linked.  Additionally, you can create a multi-tenant app in AD and then use different tenants with different subscriptions if your subscriptions do not belong to the same AD.