Brainboard's documentation
Website 🏛️Go to the app ↗
  • Welcome
  • Getting started
    • Fast track
    • Start with a template
    • Start with AI
    • Use cases videos
    • Brainboard philosophy
  • Cloud design
    • Left bar
      • Cloud resources
      • Input & output
    • Design area
      • Node
      • ID card
      • Connectors
      • Versioning
      • Graphical options
    • One action
    • Code Edition
  • Data
    • Data structure
      • Project
      • Environment
      • Cloud architecture
        • Terraform files
        • Readme file
        • Architecture Synchronization
        • Remote backend
      • Template
    • Cloud providers
      • Supported cloud providers
      • Customize provider configuration
      • Unsupported cloud providers
    • Terraform / OpenTofu
      • Modules
        • Module
        • Import modules
        • Manage module
        • Terraform registry credentials
        • Use modules
    • Disaster recovery
  • Automation
    • CI/CD engine
    • Supported plugins
      • Terraform
      • Security
        • Trivy
        • Tfsec
        • Terrascan
        • OPA
        • Checkov
      • Infracost
      • Notifications
        • Email
        • Slack
        • Microsoft Teams
      • Webhooks
    • Pipelines
    • Workflow templates
    • Drift detection
      • Types of drift
      • Remediation
    • Self-Hosted Runner
      • Deploy runner with Kubernetes
      • Deploy runner with docker-compose
  • Settings
    • Overview
    • Authentication
      • Login into Brainboard
      • Single sign-on (SSO)
    • Account management
    • Organization
    • Members
    • Teams
    • Roles & Permissions (RBAC)
      • Level of access
      • Organization RBAC
      • Project RBAC
    • Integrations
      • Git configuration
        • GitHub
        • Azure DevOps (ADO)
        • Bitbucket
        • GitLab
        • How to use
      • Cloud providers
        • AWS
        • Azure
        • GCP
        • OCI
  • Security
    • Data managed by Brainboard
    • SOC 2 Type II
    • Role Based Access Control
  • Help & FAQ
    • Shortcuts
    • FAQ
    • Migration
      • Import from cloud provider
    • Support
    • Glossary
  • Changelog
Powered by GitBook
On this page
  • Configure access
  • Client certificate
  • Client secret
  • Set the scope

Was this helpful?

Edit on GitHub
  1. Settings
  2. Integrations
  3. Cloud providers

Azure

PreviousAWSNextGCP

Last updated 20 days ago

Was this helpful?

Brainboard allows you to connect to your Azure environments, whether you want to provision resources, import existing infrastructure or simply manage your architecture on a daily basis.

It supports 2 authentication methods described below:

  1. (recommended)

You need an app registration in your Azure account to be able to connect Brainboard successfully.

Configure access

To connect Brainboard to your AWS account:

  1. Go to the settings page.

  2. Click on Microsoft Azure

  3. Click on New connection

  4. This will open the new connection page where you have 2 options:

Client certificate

This is the recommended way to connect to your Azure environments as it doesn't require any secret sharing.

When you click on the option Client Certificate Brainboard guides you in the connection process:

  1. In this page, click on Register app button, it will open your Azure portal with pre-filled information and download the certificate

  2. In your Azure portal, add a name of the app registration and click Register

  3. Go to manage, then Certificates & secrets, and click on certificates tab and upload the certificate you downloaded in step 1

  4. In the same app registration page, click on overview to get the follow information:

    1. Application (client) id

    2. Directory (tenant) id

  5. Go to the subscription that you want to connect to Brainboard and get its ID

  6. Navigate to Access control (IAM) to create a role assignment with the right privilege

  7. In Brainboard, put all the information you collected before, and click Continue:

    1. Application (client) id

    2. Directory (tenant) id

    3. Subscription id

  8. Brainboard checks if the connection can be established:

    1. If the connection is successful, you will have this message

    2. If it fails, you get an information about it

  9. Name the connection in Brainboard

    This name is used only within Brainboard, so it's a best practice to give an explicit name that allows you to identify which subscription is referring to.

Client secret

Brainboard allows you to add your client secret if this is your preferred way to connect to your Azure environments:

Follow the same steps as Client certificate except in step 4, generate a new client secret

Set the scope

Once your credentials are added you can specify where exactly they will be used

This allows you to specify whether you want:

  1. Make the credentials the default to use within your organization: which means any architecture created in Brainboard will use these credentials if it doesn't have its own ones.

  2. Use in a specific project

  3. Use in a specific environment

  4. Use in a specific architecture

Once the app registration done, navigate to the and search for the one you just created, then click on it to open its configuration

app registration page
Cloud providers integration
Client certificate
Client secret