Azure Management Group Manual CLI Onboarding

Azure Management Group CLI Onboarding

You can onboard all subscriptions as a group by following the CLI steps provided below

If you have already set up the Management Group for billing using the steps provided here Azure Management Group onboarding as billing you can utilize the same credentials to onboard the Management Group again.

To manage an Azure Active Directory (AAD) app and create a client secret, the Active Directory administrator role is required

Create AAD

CODE

az ad sp create-for-rbac --display-name "<APP_NAME>" --years=2 -o table

<APP_NAME>: Enter the unique name. Recommended (digitalex_management_group)
Capture App id and share it with Owner required to Assign Permissions to the App
Capture Password (Secret) and Tenant id required to Connect Management Group

To assign permissions to the Azure Active Directory (AAD) app, it is recommended to have the Owner role. Alternatively, you can have both the Contributor and User Access Administrator roles.

Assign Permissions to the App

CODE

az role assignment create --assignee "<APP_ID>" --role "Reader" --scope "/providers/Microsoft.Management/managementGroups/<MANAGEMENT_GROUP-ID>" -o table

<APP_ID> : Enter App id created in above step
<MANAGEMENT_GROUP-ID>: Enter your management group Id(To Get Management Group id Navigate to Azure Console > Search Management Group > Capture tenant group id)

Connect Management Group

Login to DigitalEx
Go to Menu > Admin > Public Clouds
Click on +Management Groups & Enter required details
Click Connect.

[data-colorid=baujex53cy]{color:#4c9aff} html[data-color-mode=dark] [data-colorid=baujex53cy]{color:#004eb3}Azure Management Group CLI Onboarding

Create AAD

Assign Permissions to the App

Connect Management Group

Azure Management Group CLI Onboarding