Get account information from Azure's portal

  • Log in to your Azure account
  • Search "Azure Active Directory" from the top search text box and select it
  • Copy the tenant id and keep it in a safe place. We will need it while adding information on InfraGuard
  • On the side menu of the same page click on "App registrations" and select "New registration"
  • Enter the name as Infraguard app
  • Make sure "Single Tenent" is selected in Supported Account types
  • In Redirect URI select "Web" from the list and enter in the text box next to it
  • Click on Register
  • Now your application is registered. Copy the "Application (Client) ID" and keep it in a safe place
  • Go to "Certificates and Secrets" from the left menu and click on the "New Client Secret" button
  • Enter description as Infraguard key and select "24 months" in the "EXPIRES" option radio button
  • Click on Add
  • This will generate a new client secret key. Copy the value column item and keep it in a safe place with the name Client Secret
  • Now search "Subscription" on the top search text box and go to your current subscription and copy the subscription id and put it in a safe place
  • Select "Access control(IAM)" from the menu of your subscription and click on "+Add" and select custom role
  • Enter your custom role name as "InfraGuard-role"
  • Select JSON click on edit and insert the following:  
    "properties": {
        "roleName": "InfraGuard-role",
        "description": "",
        "assignableScopes": [
            "/subscriptions/<INSERT YOUR SUBSCRIPTION ID>"
        "permissions": [
                "actions": [
                "notActions": [],
                "dataActions": [],
                "notDataActions": []
  • Replace <INSERT YOUR SUBSCRIPTION ID> with your subscription id in the 6th line and click on Save
  • Then select "Review + Create" and then Create. The role is created. Click OK to return to the IAM role page
  •  Click on the "add a role assignment" button on the card "Grant access to this resource" on right
  • Now select the "Role" tab and search for "InfraGuard-role". Select this role and click Next
  • In the Member tab click on "+Select Member" and search for "Infraguard app" on the right side below Select Members
  • Select Infraguard app and click on select. Then click on "Review and Assign" 

Onboard your servers to InfraGuard

  • Log onto Account
  • Select CLUSTER from side-menu
  • Click on “Create Azure cluster”
  • Add any relevant Name
  • Add Tenant ID, Subscription ID, Client ID, and Client Secret as created and copied in the previous section
  • Click ‘Sync’ to make your newly added server appear in the list of servers
  • Wait for some time before you click on ‘Servers’ to get your list of servers for that Role ARN