Configure Azure DNS

Azure is natively supported through Cloud Integration. An Azure or Azure Government subscription may be added with the Configure Cloud Service Account Wizard (see Configure Cloud Integration) in the Management Console.

Prerequisites

Getting the service principal details

Detailed instructions on how to create a service principal and retrieve the Tenant ID, Subscription ID, Client ID (also known as Application ID), and the Client Secret (also known as authentication key), can be found here: https://docs.microsoft.com/en-us/azure/active-directory/develop/howto-create-service-principal-portal

Frequently asked questions (FAQ)

Can I configure a proxy for the connection to Azure services?

This feature is currently not available.

What are the minimum permissions required for Micetro to integrate fully with Azure?

Below is a custom role definition that covers all the required permissions for DNS and IPAM. Please look at Azure documentation on how to create a custom role.

{
"Name": "Men&Mice Operator",
"IsCustom": true,
"Description": "Can manage DNS and IPAM related resources.",
"Actions": [
  "Microsoft.Network/dnsZones/*",
  "Microsoft.Network/virtualNetworks/read",
  "Microsoft.Network/virtualNetworks/write",
  "Microsoft.Network/virtualNetworks/delete",
  "Microsoft.Network/virtualNetworks/subnets/read",
  "Microsoft.Network/virtualNetworks/subnets/write",
  "Microsoft.Network/virtualNetworks/subnets/delete",
  "Microsoft.Compute/virtualMachines/read",
  "Microsoft.Compute/virtualMachines/instanceView/read",
  "Microsoft.Network/networkInterfaces/ipConfigurations/read",
  "Microsoft.Resources/subscriptions/resourceGroups/read"
  ],
"AssignableScopes": [
  "/subscriptions/<your subscription id or specify a more granular scope>"
  ]
}