Skip to Content

Azure

Connect your Azure subscription to give Cendriix agents visibility into your cloud resources (VMs, AKS, Cost Management, and more).

Note: This integration is for Azure cloud resource management. For Microsoft 365 (SharePoint, OneDrive, Outlook), see Microsoft 365.

Overview

Auth methodService Principal (client_credentials)
Setup locationSettings → Integrations → Connectors → AWS/Azure
Setup time~20 minutes

How to connect

  1. Navigate to Settings → Integrations → ConnectorsConnect Azure
  2. Provide:
    • Tenant ID: Your Azure AD tenant
    • Client ID: The service principal’s Application ID
    • Client Secret: The service principal’s secret
    • Subscription ID: The target Azure subscription
  3. Cendriix validates the connection by calling the Azure Resource Manager API
  4. Assign a suitable RBAC role (Contributor or a custom role) to the service principal on the target subscription

Prerequisites

Before connecting, create a service principal in your Azure AD tenant:

  1. In the Azure Portal , go to Azure Active Directory → App registrations → New registration
  2. Name the application (e.g., Cendriix AI)
  3. Under Certificates & secrets, create a client secret
  4. On the target subscription, assign the service principal an appropriate RBAC role

Security notes

  • Service principal credentials should have the minimum RBAC permissions required for your use case
  • Client secrets expire (max 24 months in Azure AD) — set rotation reminders
  • Revocation is done in the Azure Portal by deleting the service principal or removing its credentials
  • Distinct from Azure DevOps, which uses user-facing OAuth

Further reading

Last updated on