...

  • Resource Group (New)

  • Azure App Service Plan (P1v2)

  • Azure App Service (with System Managed Identity)

  • App Registration (for App Service authentication)

  • Azure Key Vault (for securing secrets)

  • Additional App Registration and Service Principal (for Azure Graph API permissions)

Prerequisites

Before installation, make sure you have the following prerequisites:

...

Clients should obtain the necessary files for setup from their respective EmpowerID support agent.

Procedure

  1. Retrieve Terraform Template:
    Download the Terraform template from the repository at <https://empowerid.visualstudio.com/_git/EID-Infrastructure?path=/terraform_new/templates/AzPowershellV2>.

  2. Configure Terraform Backend:
    Edit the main.tf file to include the following configurations:

    ```hcl
    # Goes inside the terraform { } block of main.tf.
    backend "azurerm" {
        # Authenticate to the state storage account with Azure AD instead of an access key.
        use_azuread_auth      = true
        subscription_id       = "<Your Subscription ID>"
        tenant_id             = "<Your Azure Tenant ID>"
        resource_group_name   = "<Your Resource Group Name>"
        storage_account_name  = "<Your Storage Account Name>"
        container_name        = "<Your Storage Container Name>"
        key                   = "terraform.azv2.tfstate"
    }
    ```
  3. Set Terraform Variables:
    Modify the terraform.tfvars file with these details:

    ```hcl
    azure_region     = "<Region to deploy the Microservice>"
    client_code      = "<Client Name>"
    env_code         = "<Client Environment>"
    region_code      = "<Region code>"
    Subscription_ID  = "<Your Subscription ID>"
    Tenant_ID        = "<Your Azure Tenant ID>"
    ```
  4. Initialize and Deploy with Terraform:
    Open PowerShell in the directory containing the main.tf file and execute the following commands sequentially:

    • terraform init to initialize the Terraform environment and modules.

    • terraform plan to review the deployment plan.

    • terraform apply to execute the deployment of the Microservice.

  5. Configure Authentication:
    After deploying the microservice, modify the Azure AD SCIM Microservice configuration to authenticate with the Azure PowerShell V2 Microservice by adding the following settings:

    ```text
    name: "AzureADLogin"
    value: "https://login.microsoftonline.com/"

    name: "AzureADPowershellV2AppID"
    value: "<Azure PowerShell V2 Microservice Application ID>"

    name: "AzureADPowershellV2CertificateName"
    value: "<Azure PowerShell V2 Microservice Authentication Certificate Name>"

    name: "AzureADPowershellV2TenantID"
    value: "<Azure PowerShell V2 Microservice Tenant ID>"

    name: "AzureADPowershellV2URL"
    value: "<Azure PowerShell V2 Microservice URL>/services/v1/pshell/"

    name: "AzureADPowershellV2VaultUrl"
    value: "<Azure PowerShell V2 Microservice Key Vault URL>"
    ```
  6. Upload Artifacts:
    Follow the artifacts deployment documentation to upload the necessary files to your web application.
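
Steps 2 to 4 as a single PowerShell run, added here as an example (it is not EmpowerID's own script): it stops if a quoted "<...>" placeholder from the templates is still present in main.tf or terraform.tfvars, and it applies only the saved plan that was reviewed. The plan file name azv2.tfplan is an assumption.

```powershell
# Added example. Run from the directory that contains main.tf and terraform.tfvars.
$ErrorActionPreference = 'Stop'
$planFile = 'azv2.tfplan'   # assumed name for the saved plan

# Stop if any quoted "<...>" template placeholder is still present.
$unfilled = Select-String -Path .\main.tf, .\terraform.tfvars -Pattern '"<[^">]+>"'
if ($unfilled) {
    $unfilled | ForEach-Object {
        Write-Warning ('{0}:{1} {2}' -f $_.Filename, $_.LineNumber, $_.Line.Trim())
    }
    throw 'Replace the placeholder values before deploying.'
}

# Native commands do not throw on failure, so check $LASTEXITCODE after each one.
terraform init -input=false
if ($LASTEXITCODE -ne 0) { throw "terraform init failed (exit code $LASTEXITCODE)" }

try {
    # -detailed-exitcode: 0 = no changes, 1 = error, 2 = changes to apply.
    # The -out argument is quoted so PowerShell passes it as a single token.
    terraform plan -input=false -detailed-exitcode "-out=$planFile"
    if ($LASTEXITCODE -eq 1) { throw 'terraform plan failed' }
    if ($LASTEXITCODE -eq 0) { Write-Host 'No changes to apply.'; return }

    # Review the saved plan, then apply exactly that plan and nothing else.
    terraform show $planFile
    if ((Read-Host 'Apply this plan? Type yes to continue') -ne 'yes') {
        Write-Host 'Plan not applied.'
        return
    }
    terraform apply -input=false $planFile
    if ($LASTEXITCODE -ne 0) { throw "terraform apply failed (exit code $LASTEXITCODE)" }
}
finally {
    # A saved plan can contain sensitive values in clear text; do not leave it behind.
    Remove-Item -Path $planFile -ErrorAction SilentlyContinue
}
```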

...