Prepare the Azure configuration¶

Create an Azure service principal. Skip this step to use an existing Azure service principal.

Create a Microsoft Azure account.
Install Azure CLI.
Log in to the Azure CLI:
```
az login
```
List your Azure accounts:
```
az account list -o table
```
If more than one account exists, select the account dedicated for Container Cloud:
```
az account set -s <subscriptionID>
```

Create an Azure service principal:

Caution

The owner role is required for creation of role assignments.

az ad sp create-for-rbac --role contributor

Example of system response:

{
   "appId": "0c87aM5a-e172-182b-a91a-a9b8d39ddbcd",
   "displayName": "azure-cli-2021-08-04-15-25-16",
   "name": "1359ac72-5794-494d-b787-1d7309b7f8bc",
   "password": "Q1jB2-7Uz6Cka7xos6vL-Ddb4BQx2vgMl",
   "tenant": "6d498697-7anvd-4172-a7v0-4e5b2e25f280"
}

Change the directory to kaas-bootstrap.
Export the following parameter:
```
export KAAS_AZURE_ENABLED=true
```
In templates/azure/azure-config.yaml.template, modify the following parameters using credentials obtained in the previous steps or using credentials of an existing Azure service principal obtained from the subscription owner:
- spec:subscriptionID is the subscription ID of your Azure account
- spec:tenantID is the value of "tenant"
- spec:clientID is the value of "appId"
- spec:clientSecret:value is the value of "password"
For example:
```
spec:
  subscriptionID: b8bea78f-zf7s-s7vk-s8f0-642a6v7a39c1
  tenantID: 6d498697-7anvd-4172-a7v0-4e5b2e25f280
  clientID: 0c87aM5a-e172-182b-a91a-a9b8d39ddbcd
  clientSecret:
    value: Q1jB2-7Uz6Cka7xos6vL-Ddb4BQx2vgMl
```
In templates/azure/cluster.yaml.template, modify the default configuration of the Azure cluster location. This is an Azure region that your subscription has quota for.

To obtain the list of available locations, run:
```
az account list-locations -o=table
```
For example:
```
providerSpec:
  value:
  ...
    location: southcentralus
```
Also, modify other parameters as required.