Use a resource manager template:
Create the Service Principal manually:
Use Azure CLI to set the active subscription
Run the following command: az account set --subscription ""
Use Azure CLI to Create the Service Principal
Run the following command: az ad sp create-for-rbac -n "Costi" –create-cert
You should get a response similar to the one below:
Creating a role assignment under the scope of "/subscriptions/"
Please save the response. We will need some of the properties are needed later in the registration step
Now go to the Azure portal to add role assignments
Navigate to Subscriptions -> Access Control (IAM) -> Role Assignments
Add the following role assignments to the service principal:
Reader and Data Access
Storage Blob Data Reader
Register to CloudHiro
You will need the following values from the previously saved response to complete the registration form:
Client ID - “appId“ use XXX
Certificate - “fileWithCertAndPrivateKey”
Tenant Id - “tenant” use ZZZ
After registering to CloudHiro, confirming the email you got and login.
That's it, you're all set to go!
If you ever want to disallow access, you can simply remove the service principle: az ad sp delete --id "Costi".