How to Link Azure Deployment User
In this chapter, you will learn about Deployment User and how you can link existing Deployment User with your Azure subscription.
- Select your Free 60-Day Trial (Azure) from the dropdown menu, if not already selected.
- The Account Name "NCache User" is pre-populated for you.
Click on the Link Azure Deployment User button to go to the Microsoft sign in window.
Sign in with the login credentials that were created for you when creating the Deployment User.
What is a Deployment User?
A Deployment User is a user who has the rights to deploy resources through the NCache Cloud Portal. This user must be a part of your Azure subscription and must have a certain set of roles assigned to it. NCache Cloud Portal uses this role-based user's authentication details to fetch and create resources.
Permission Set
Following is the list of all permissions required by the Deployment User for provisioning of various resources such as Virtual Machine, Public IP, Network Interface, or a Virtual Disk.
{
"RoleDefinition": {
"properties": {
"roleName": "NCacheCloudAdmin_{admin_account_prefix}",
"type": "CustomRole",
"description": "Minimum amount of permissions required to monitor NCache SaaS",
"assignableScopes": [],
"permissions": [
{
"actions": [
"Microsoft.Network/publicIpAddresses/read",
"Microsoft.Compute/virtualMachines/read",
"Microsoft.Compute/virtualMachines/instanceView/read",
"Microsoft.Network/networkInterfaces/read",
"Microsoft.Resources/subscriptions/locations/read",
"Microsoft.Resources/subscriptions/read",
"Microsoft.Resources/subscriptions/resourceGroups/read",
"Microsoft.Network/virtualNetworks/read",
"Microsoft.Network/virtualNetworks/write",
"Microsoft.Network/virtualNetworks/subnets/read",
"Microsoft.Network/virtualNetworks/subnets/write",
"Microsoft.Network/networkInterfaces/write",
"Microsoft.Network/networkSecurityGroups/write",
"Microsoft.Network/publicIpAddresses/write",
"Microsoft.Compute/virtualMachines/write",
"Microsoft.Compute/disks/write",
"Microsoft.Compute/disks/delete",
"Microsoft.Network/networkInterfaces/delete",
"Microsoft.Network/networkSecurityGroups/delete",
"Microsoft.Network/publicIpAddresses/delete",
"Microsoft.Compute/virtualMachines/delete",
"Microsoft.Compute/virtualMachines/start/action",
"Microsoft.Compute/virtualMachines/restart/action",
"Microsoft.Compute/virtualMachines/deallocate/action",
"Microsoft.Resources/subscriptions/resourceGroups/read",
"Microsoft.Resources/subscriptions/resourceGroups/write",
"Microsoft.Network/networkSecurityGroups/join/action",
"Microsoft.Network/virtualNetworks/subnets/join/action",
"Microsoft.Network/publicIPAddresses/join/action",
"Microsoft.Network/networkInterfaces/join/action",
"Microsoft.Authorization/roleAssignments/read",
"Microsoft.Storage/storageAccounts/write",
"Microsoft.Storage/storageAccounts/read",
"Microsoft.Storage/storageAccounts/delete",
"Microsoft.MarketplaceOrdering/offertypes/publishers/offers/plans/agreements/read",
"Microsoft.MarketplaceOrdering/offertypes/publishers/offers/plans/agreements/write",
"Microsoft.Resources/deployments/validate/action",
"Microsoft.Resources/deployments/write",
"Microsoft.Resources/deployments/read"
],
"notActions": []
}
]
}
}
}
Delete Deployment User
A linked Deployment User can also be deleted from the NCache Cloud Portal. Do note that we do not actually remove the user from Azure AD. Deleting the Deployment User simply means its access tokens are removed.
Note
Upon deleting the Deployment User, you will not be able to perform any managerial operations such as Start, Stop, or Restart the VM.
See Also
Deployment Methods in Azure
Enable Programmatic Deployment
Resource Configuration