Cloud Providers /
Microsoft Azure: add your account to Northflank
To add your Microsoft Azure account to Northflank, navigate to the clusters page in your account settings and create a new integration.
You must have sufficient resource quotas available in your Azure account to deploy a cluster using Northflank.
It is recommended that you create a new Azure Active Directory application to integrate with Northflank:
- Navigate to your Northflank account settings and open the clusters page
- Create a new cloud provider integration and select Azure as the provider
- Open Azure Portal and navigate to Azure Entra ID
- Register a new application with Azure AD from the add menu, or from the app registrations page. Copy the the directory (tenant) ID and the application (client) ID to the Northflank form.
- In your new application click the link for
managed application in local directory
(your application's name) and copy the application's object ID from properties to Northflank. - Go back to your application overview and open the certificates and secrets page. Create a new client secret, and copy the secret value (not the secret ID) to Northflank.
- Navigate to subscriptions and select an existing subscription, or create a new one. For security, the subscription you use with Northflank should have only the necessary permissions allocated to it.
- Open access control (IAM) and add a new role assignment to the subscription. Select the contributor role from privileged administrator roles.
- Open the members page in the new role and assign access to
user, group, or service principle
. Select members and add your Active Directory application. You may need to start typing the name of your application for it to appear in the member selection menu. - Open resource providers in your subscription, search for and select the provider
Microsoft.ContainerService
. Click register to add the provider to the subscription. - Copy the subscription ID to Northflank and create the integration
You can now configure and deploy new clusters in your Azure account.
You can edit the integration at any time to update the secrets, if required. If the new secrets do not have permission to manage existing clusters, you will be unable to edit those clusters and deleting them via Azure Active Directory may leave orphaned resources.