Authenticate and Monitor Azure Resources using Custom Apps

Site24x7 can discover and monitor Azure resources by creating a custom application in the Microsoft Azure portal. After creating the custom application, enable Site24x7 to discover and monitor resources by assigning the necessary permissions to the application.

Setting up an Azure Active Directory custom application involves two major parts:

• Part 1: Creating an Azure Active Directory application and generating the client secret
• Part 2: Providing the necessary permissions to the custom app

Part 1: Creating an Azure Active Directory Application

1. Log in to the Microsoft Azure portal and navigate to the Azure Active Directory section.
   
2. Click on + Add > App Registration. 
   
3. In the Register an application page, provide the Name of the application, select the Supported account types, and specify the Redirect URI.
   • Name: Provide a unique name for identification purposes. Example: Site24x7 Azure App.
   • Supported account types: Select Accounts in any organizational directory i.e., any of the below mentioned three options:
     • Accounts in this organizational directory only (Zoho Corporation only - Single tenant)
     • Accounts in any organizational directory (Any Azure directory - Multitenant)
     • Account in any organizational directory (Any Azure AD - Multitenant) and personal Microsoft accounts (e.g. Skype, Xbox)
   • Redirect URI (optional): Select Web from the drop-down and enter a valid URL. Example: https://localhost:8080.
     Click Register.
   
4. Once the application is registered in the Azure portal, you will be taken to a new page with information about the application. Copy the Directory (tenant) ID and Application (client) ID and save them for later use.
   
5. Under Manage, click Certificates & secrets.
   
6. Under Client secrets, click + New client secret. In the Add a client secret window, provide a Description, choose your preferred period in the Expires field, and click Add.
   
7. Copy the Secret value that appears and save it for later use. This value will disappear after a while. So copy and paste the value as soon as you see it.
   • While entering the validity of the client secret in the Expires field, remember that once the client secret has expired, you will have to create a new client secret by following the instructions above and updating it in the Site24x7 Azure monitor as per the instructions in our knowledge base document.
     
     

Part 2: Providing the Necessary Permissions to the Custom App

Next, go back to Home and navigate to Subscriptions. Click the subscription that you wish to monitor, and then click Access Control (IAM) > + Add > Add role assignment.

In the Add role assignment page, choose either Reader or Contributor. Then, click Next.

In the Members tab, click + Select members. In the right pane, choose the application you created earlier. Click Select.

Your application's name will now be added to the Members field. Click Next.

In the Review + assign tab, confirm if the details are correct and then click Review + assign.

Once you have completed all the steps above, you can use the above credentials to add an Azure monitor.