In this Article
| Table of Contents | ||||
|---|---|---|---|---|
|
...
Snaps in the Binary Snap Pack use the Azure portal to access endpoint applications. You can use the SAS URI and or Access key to authenticate Azure access. However, Managed Identities provide credentials credentialless access to Azure. There are two types of Managed Identities - : System-Assigned Managed Identity and User-Assigned Identity. The System-Assigned identity can be mapped to a single virtual machine, whereas the User-Assigned identity can align with multiple resources. This procedure guides you through creating managed identities for a resource group in the Azure portal and linking them to a virtual machine and storage account.
1. Create a resource group in the Azure portal
...
s. Select the name of the user-assigned managed identity. The current role assignments appear.
...
t. Navigate to the user-assigned managed identity created in Step 4 from the search bar to obtain the client ID.
...
7. Add System-Assigned Managed Identity to Virtual Machine
...
i. Click Access control (IAM) in the left navigation.
...
j. Click Add>Add role assignment.
k. Search for the Storage Blob Data Contributor role from the list of roles on the Add role assignment page.
...
l. Click Next.
m. Choose the Managed identity option in the Assign access to field.
n. Click Select members in the Members field. The Select managed identities box appears on the left.
o. Select All system-assigned managed identities in the Managed identity field.
...
p. Select the name of the virtual machine created in Step 5.
q. Click Select.
r. Click Review + assign.
...
...
Configure Information Required to Create
...
Your Binary Account
Specify the values required to create a successful <Snap Pack Name> OAuth2 accountBinary Azure Storage Account.
Navigate to the <Snap Pack Name> Binary Snap of your choice and configure the <Snap Pack Name> OAuth2 Account with the following details:
Client ID: A Public Identifier for your app. Provide the Client ID that is auto-generated after creating the app in the <endpoint>
Client Secret: Secret value known only to the app and the auth server. Provide the Client Secret that is auto-generated after creating the app in the <endpoint>.
OAuth2 Endpoint:
OAuth2 Token:
<Insert Account image>
Click Authorize.
You will be redirected to the login page of ServiceNow.Log into ServiceNow and accept the permissions.
The Access token and the Refresh Token will be generated.Select the Auto-refresh token checkbox and save the account.Binary Azure Storage Account.
You must provide the Client ID for the user-assigned managed identity. When you select the system-assigned managed identity for the Managed identity field, no client ID is required.
You must run the Snap account in the Snaplex created in the virtual machine.
Click Apply.
Related content: