Azure Stack Hub Multi Stamp Management
Cloud Assert HomeDocs Home
2201.1
2201.1
  • Introduction
  • Release Notes
  • Key Concepts
    • ADMIN
      • Manage Stamps
      • Updates
      • Images and Marketplace
      • Usage and Billing
      • Capacity and Infrastructure Management
      • Alerts
      • Diagnostics
      • Tenant Services
      • Email Reports
      • Offline Marketplace Download
  • INSTALLATION
    • Prerequisites
      • PKI Certificate Requirements
      • AzureStack Certification Authority certificate
      • Create SQL Server VM and necessary databases in a tenant subscription
    • Deployment
      • Validating Prerequisites
      • Install VConnect RP
      • License Activation
        • Offline Activation
      • Update Billing Resource Provider Details
      • Remove VConnect RP
      • Version Update
    • Configuration
      • Configure SMTP Settings
      • Configure Automated Emails
      • Configure Remote Machine for PowerShell Access
      • Configure Offline Marketplace Download
      • Configure a new Azure Stack Hub Stamp
        • Configure an Azure AD Stamp
        • Configure an ADFS Stamp
        • Create Service Principal from Azure Portal
  • Others
    • Troubleshooting
      • Configure VConnect PowerShell Modules
      • Stamp Connectivity
      • Stamp Syncing
      • Enable MSM VConnect Scheduled Tasks
      • Add Billing API Port To VConnect RP Network Security Group
      • Add Transaction Log Shrink Job in SQL Server
      • Update Client Secret in AzureStack Hub Connection
Powered by GitBook
On this page

Was this helpful?

  1. INSTALLATION
  2. Configuration
  3. Configure a new Azure Stack Hub Stamp

Create Service Principal from Azure Portal

Service principal can be created in azure portal using the below steps

PreviousConfigure an ADFS StampNextTroubleshooting

Last updated 2 years ago

Was this helpful?

Steps:

  1. Login to the Azure portal using the Azure Stack service admin credentials.

  2. Click on Manage Azure Active Directory.

  3. Click on App registrations from the left pane and click on New registration.

  1. Enter the Name like ’Cloud Assert VConnect SPN Stamp4’ and the Supported account types should be selected as ‘Accounts in this organizational directory only’.

  1. Click Register and will be landed on the application overview page.

6. Click on Add an Application ID URI and Frame Application ID URI like below

Eg: https://vconnect.cloudassertrp.onmicrosoft.com/azs/multi-stamp-manager/a694402b-7fdc- 4d89-bc15-06c6e380adf0

  • Replace {DirectoryTenantName} and {Guid}

  • Guid can be obtained by running the below powershell commands

Param
Description

DirectoryTenantName

Directory tenant name in which the service administrator account resides

$resourceManagerUri="<Replce Here>"
$applicationGuid = ([System.Guid]::NewGuid()).Guid
if ($resourceManagerUri -and $resourceManagerUri.Segments.Count -eq 2) {
try { 
$applicationGuid = [System.Guid]::Parse($resourceManagerUri.Segments[0].ToString()) } catch {}
}
Write-Output $applicationGuid 
  1. Click on Set

  1. Enter the URI framed in Step 6 and Click Save.

  1. Find the Application Id of the Application named ‘Azure Stack - Administration’ which is created during the Azure Stack Hub stamp deployment.

  1. Ensure the Home page URL in the Branding & properties section and the new Azure Stack Hub stamp ARM endpoint url are same.

  2. Note down the Application Id of the application ‘Azure Stack - Administration’

  3. Go to the application ‘Cloud Assert VConnect SPN Stamp 4’ created on Step 4.

  4. Click 'API permissions' from the left pane.

  1. Click Add a permission.

  1. Click APIs my organization uses and search for the Application Id of the application ‘Azure Stack - Administration’ note down on Step 10.

  1. Click on the application that matches the Application Id and check the permission as seen below and click the 'Add permissions' button.

  1. Click on 'Certificates & secrets' from the left pane.

  1. Click New client secret button. Provide a description and select the expiry as 24 months or more than 24 months

  1. Copy the app secret text to a notepad since it will be hidden once the page is refreshed.

  1. Login to Azure Stack admin portal with the service admin credentials.

  2. Navigate to subscriptions and click on the 'Default Provider Subscription'

  3. Click on Access control (IAM)

  1. Click on the Add button and select Add role assignment

  2. Select the Role as Contributor.

  3. In the select field, search for the SPN “Cloud Assert VConnect SPN Stamp4” with the help of app id obtained in Step 5.

  1. Click on the application and click the save button.

  2. Proceed to create a connection to the new stamp.

https://vconnect.{DirectoryTenantName}/azs/multi-stamp-manager/{Guid}