3. Giving Access To Azure Resources

Prerequisites

  1. Registering the application in your tenant
  2. Selecting a Plan

Introduction

Creating an Azure Policy requires EZSSH to have access to your subscription. Based on what features you want to enable you can give it different permissions. If you want to use our “Auto Add” Feature that automatically adds your EZSSH Policy certificate to the machines we detect in your subscription, Contributor role is required. If you only want EZSSH to detect the machine and you will add the certificate to the machines, using your deployment templates (Pulumi Example) then only Reader role is required.

Adding Application to RBAC in Azure Portal

  1. Login to https://portal.azure.com
  2. Navigate to the Subscription or resource group that you want to enroll in EZSSH Azure IAM Screen
  3. Click on Add Azure IAM Screen
  4. Select the “Add Role Assignment” Option
  5. Select the Role you need for EZSSH. Contributor or Reader Azure IAM Screen
  6. Select the EZSSH Application Azure IAM Screen
  7. Click the Save button Azure IAM Screen
  8. You are ready to create your first Azure Policy