Skip to Content
Information

This site will undergo a brief period of maintenance on Friday, 18 December at 12:30 AM Central/12:00 PM IST. During a 30 minute window, site availability may be intermittent.

Azure cloud access configuration

This topic explains how to configure access for Azure cloud.

Related topic

Microsoft-Azure-configuration

In order to allow configure BMC AMI Cloud for Azure cloud access, use the following procedure:

  1. Collect required information:
    • Storage account name—Document the storage account name you created for BMC AMI Cloud (for example, amiclouddemoaccount)
    • Container name—Document the container name (for example, amiclouddemoaccount)

    • Storage account URL—On the Azure portal, select the container you created for BMC AMI Cloud and go to Properties. A URL for the container will be shown in the following format: https://<StorageAccountName>.blob.core.windows.net/<containerName>. (For example, https://amiclouddemoaccount.blob.core.windows.net/amicloud-demo-container.)

      Warning

      Important

      When configuring BMC AMI Cloud, do not include the container name in the URL. For example, https://amiclouddemoaccount.blob.core.windows.net/amicloud-demo-container.

    • Application secret—Make sure you have the secret created on the previous steps. if not, repeat this step and collect the secret. For example, on~bO.B_R_uzip3u3OKdw7gUDV92s_z4_F.
    • Application and Tenant ID—On the Azure portal, go to the Azure active directory and App registration. Select the BMC AMI Cloud application and go to the overview tab. The application (client) ID and directory (tenant) ID will be available on the top of the screen. For example, Application (client) ID: a7819e18-fdca-4b23-9d7c-04e0ba392bfcDirectory (tenant) ID: f3a811d8-2e40-4a50-8a88-84317dbf578b

  2. Server configuration—The server configuration should have the exact same cloud values. The following agent parameters need to be configured on the model9-local.yml file on the Linux server under /data/model9/conf/model9-local.yml.

    model9.objstore.endpoint.api.id: azureblob-oauth2model9.objstore.jclouds-config.jclouds.oauth.audience: https://storage.azure.com/model9.objstore.jclouds-config.jclouds.oauth.credential-type: clientCredentialsSecretmodel9.objstore.endpoint.url: <Storage account URL>model9.objstore.resources.container.name: <Container Name>model9.objstore.jclouds-config.jclouds.azureblob-oauth2.storageaccount: <Storage Account Name>model9.objstore.jclouds-config.oauth.endpoint: https://login.microsoftonline.com/<Tenant ID>/oauth2/tokenmodel9.objstore.endpoint.userid: <Application ID>model9.objstore.endpoint.password: <Application Secret>

    According to the examples in this document the parameters will look like this:

    model9.objstore.endpoint.api.id: azureblob-oauth2model9.objstore.jclouds-config.jclouds.oauth.audience: https://storage.azure.com/model9.objstore.jclouds-config.jclouds.oauth.credential-type: clientCredentialsSecretmodel9.objstore.endpoint.url: https://model9demoaccount.blob.core.windows.netmodel9.objstore.resources.container.name: model9-demo-containermodel9.objstore.jclouds-config.jclouds.azureblob-oauth2.storageaccount: model9demoaccountmodel9.objstore.jclouds-config.oauth.endpoint: https://login.microsoftonline.com/f3a811d8-2e40-4a50-8a88-84317dbf578b/oauth2/tokenmodel9.objstore.endpoint.userid: a7819e18-fdca-4b23-9d7c-04e0ba392bfcmodel9.objstore.endpoint.password: on~bO.B_R_uzip3u3OKdw7gUDV92s_z4_F

    The server parameters are prefixed with model9.

  3. Agent configuration—In order to configure the BMC AMI Cloud agent cloud definitions you will need the information collected above. Configure the following Agent parameters on the agent.yml configuration file under /usr/lpp/model9/conf/agent.yml:

    objstore.endpoint.api.id: azureblob-oauth2
    objstore.jclouds-config.jclouds.oauth.audience: https://storage.azure.com/
    objstore.jclouds-config.jclouds.oauth.credential-type: clientCredentialsSecret
    objstore.endpoint.url: <Storage account URL>
    objstore.resources.container.name: <Container Name>
    objstore.jclouds-config.jclouds.azureblob-oauth2.storageaccount: <Storage Account Name>
    objstore.jclouds-config.oauth.endpoint: https://login.microsoftonline.com/<Tenant ID>/oauth2/token
    objstore.endpoint.userid: <Application ID>
    objstore.endpoint.password: <Application Secret>

    According to the examples in this document the parameters will look like this:

    objstore.endpoint.api.id: azureblob-oauth2
    objstore.jclouds-config.jclouds.oauth.audience: https://storage.azure.com/
    objstore.jclouds-config.jclouds.oauth.credential-type: clientCredentialsSecret
    objstore.endpoint.url: https://model9demoaccount.blob.core.windows.net
    objstore.resources.container.name: model9-demo-container
    objstore.jclouds-config.jclouds.azureblob-oauth2.storageaccount: model9demoaccount
    objstore.jclouds-config.oauth.endpoint: https://login.microsoftonline.com/f3a811d8-2e40-4a50-8a88-84317dbf578b/oauth2/token
    objstore.endpoint.userid: a7819e18-fdca-4b23-9d7c-04e0ba392bfc
    objstore.endpoint.password: on~bO.B_R_uzip3u3OKdw7gUDV92s_z4_F

 

Tip: For faster searching, add an asterisk to the end of your partial query. Example: cert*

BMC AMI Cloud Data and BMC AMI Cloud Vault 2.7