Please complete the following steps in the listed order to configure your installed instance of the to integrate with the running environment cluster.
Deploy running environment cluster and .
NOTE: The running environment cluster can be deployed as part of the installation process. You can also integrate the platform with a pre-existing cluster. Details are below.
For more information, see Install for Azure.
Create registered application
You must create an Azure Active Directory (AAD) application and grant it the desired access permissions, such as read/write access to resources and read/write access to the Azure Key Vault secrets.
This service principal is used by the for access to all Azure resources. For more information, see https://docs.microsoft.com/en-us/azure/azure-resource-manager/resource-group-create-service-principal-portal.
After you have registered, acquire the following information:
These properties are applied later in the configuration process.
Configure the Platform
NOTE: The base storage layer must be set after installation. After it has been configured, it cannot be modified.
|Azure storage||webapp.storageProtocol setting|
For authentication purposes, the must be integrated with an Azure Key Vault keystore. See Configure Azure Key Vault.
If needed, you can integrate the with Azure AD for Single-Sign On to the platform. See Configure SSO for Azure AD.
Enable read-only or read-write access to ADLS Gen2. For more information, see ADLS Gen2 Access.
Enable read-only or read-write access to ADLS Gen1. For more information, see ADLS Gen1 Access.
Enable read-only or read-write access to WASB. For more information on integrating with WASB, see WASB Access.
To enable use of the Azure Gov Cloud, please perform the following configuration steps.
NOTE: Managed Identities is not supported for Azure Gov Cloud.
Locate the following parameter and set it to
Save your changes and restart the platform.
If you are integrating with relational datastores, please complete the following configuration sections.
An encryption key file must be created on the . This key file is shared across all relational connections. See Create Encryption Key File.
For more information, see Azure SQL Database Connections.
For more information, see Microsoft SQL Data Warehouse Connections.