Creating an Application for Azure CDN
You can add your Azure CDN to IO River and use it with your services. In order to add Azure CDN as one of your CDN providers, you need to have an Azure application which can be used with IO River. In general, the application needs to have permissions to manage your Azure CDN in your Azure account.
Step 1 - Registering IO River application:
- Sign in to your Azure account.
- Navigate to App registrations in your Azure account.
- Click on New Registration.
- Fill the registration form:
- Type IORiver for the name of the application.
- Click on Register.
- Select the API permissions tab on the sidebar to set permissions:
- Click on Add permission.
- Click on Microsoft Graph.
- Click on Application permissions.
- Select User.Read.All and click on Add permission.
- Click on Grant admin consent to IO River.
- Select the Certificate & secrets tab on the sidebar to create a secret:
- Click on New client secret.
- Set description & expiration, and click on Add.
- Copy the value of the secret
- Select the Overview tab on the sidebar and copy the following credentials:
- Application ID (Client ID)
- Directory ID (Tenant ID)
Step 2 - Providing permissions (roles) to the applicaton:
- Navigate to the relevant Resource Group in your Azure account.
- Select Access control (IAM) from the sidebar.
- Select the Role assignments tab.
- Click on Add and select Add Role assignments.
- Add the role CDN profile contributor.
- Click on Next
- Click on Select members.
- Search for the IORiver application, and click on Select.
- Click on Review + assign.
Repeat steps 4-9 to add the following additional roles:
- CDN profile reader
- Monitoring reader
- Key vault administrator
- Key vault certificate officer
- Key vault contributor
In addition to the values copied in Step 1, also copy the Subscription ID and the name of your Resource Group.
Example of Azure credentials:
tenant_id = "d201248a-c2e9-402e-8281-a5d3eefd8d3d"
client_id = "f9c47934-d594-4f65-8df5-4e71c58de5dd"
client_secret = "B9M8Q~E8nKhbrGTSRGS5TXUfQ0WdZ11JJoytEc_-"
subscription_id = 'e986b596-dbc9-cf41-8666-985b32e6bf71'
resource_group = "staging"
Add the credentials when you add your Azure CDN here.