Hello,
I am looking for information from someone who has setup the CSDAC Azure Service Tag connector. I have CSDAC setup and connected to a test FMCv in my lab. I have the CSDAC Office365 connector configured and working correctly so the FMCv is getting the Office365 IPs in a dynamic object.
The Azure Service Tag setup is more complicated for some reason even though its a public feed. I worked with my Azure Admin to setup the Azure side using the following article:
https://docs.defenseorchestrator.com/t-install-a-secure-device-connector-to-vsphere-using-terraform.html#!t_create-an-azure-user-minimum-permissions.html
We got through steps 1 - 15 with no issues but then in step 16 it ties the Registered App we created to a user account and my Server and Security Teams want to know:
- Why is a login into our subscription needed to pull a public feed of the Service Tags
- What does the user account need access to
- What is the user app doing with the registered app to pull the feed
- Does this user account need to be a new account just for this or can it be an existing account
I can't find any documentation to answer the questions above and the reference documentation just says to add the new Registered App to a user account but doesn't give anymore information on what the user account needs access to.
Hoping someone in the group has worked through this process and help me get answers to these questions.
Thank you,
