Azure
Connect your Azure subscription to give Cendriix agents visibility into your cloud resources (VMs, AKS, Cost Management, and more).
Note: This integration is for Azure cloud resource management. For Microsoft 365 (SharePoint, OneDrive, Outlook), see Microsoft 365.
Overview
| Auth method | Service Principal (client_credentials) |
| Setup location | Settings → Integrations → Connectors → AWS/Azure |
| Setup time | ~20 minutes |
How to connect
- Navigate to Settings → Integrations → Connectors → Connect Azure
- Provide:
- Tenant ID: Your Azure AD tenant
- Client ID: The service principal’s Application ID
- Client Secret: The service principal’s secret
- Subscription ID: The target Azure subscription
- Cendriix validates the connection by calling the Azure Resource Manager API
- Assign a suitable RBAC role (Contributor or a custom role) to the service principal on the target subscription
Prerequisites
Before connecting, create a service principal in your Azure AD tenant:
- In the Azure Portal , go to Azure Active Directory → App registrations → New registration
- Name the application (e.g.,
Cendriix AI) - Under Certificates & secrets, create a client secret
- On the target subscription, assign the service principal an appropriate RBAC role
Security notes
- Service principal credentials should have the minimum RBAC permissions required for your use case
- Client secrets expire (max 24 months in Azure AD) — set rotation reminders
- Revocation is done in the Azure Portal by deleting the service principal or removing its credentials
- Distinct from Azure DevOps, which uses user-facing OAuth
Further reading
Last updated on