Declare your Azure service principal

A service principal is the automated process, application, or service that the Azure admin configured to access the subscription that the admin specifies. Provide the credentials for your Azure service principal to the ServiceNow instance so that the instance can discover the Azure subscriptions for your organization.

Before you begin

Role required: cloud_admin or sn_azure.admin

About this task

In this procedure, you create a service principal on the Azure portal and then submit a form with the service principal information on the ServiceNow instance. You then direct the ServiceNow instance to run the Discovery process to access your organization's Azure resources in the subscription.

Procedure

  1. Create a new Azure Service Principal on the Azure portal as described in the Azure Resource Manager documentation.
  2. Navigate to Microsoft Azure Cloud > Configuration > Credentials (Service Principals).
  3. Click New and then specify the following values.
    Field Value
    Name Enter the name of the service principal to register with the ServiceNow instance.
    Tenant ID and Client ID Copy/paste the values that you obtained from the Azure portal.
    Authentication method Select Client secret.
    Note: Client assertion is not supported.
    Secret key Paste the secret key that was generated while creating the Azure Service Principal.

    This field appears when Authentication method is Client secret.

  4. Right-click the form header and click Save.
  5. Grant Service Principal permission to the subscriptions that you want to manage as described in the Azure Resource Manager documentation. Useful instructions also appear in related blogs.
  6. Click the Get Subscriptions related link.
    The ServiceNow instance discovers your organization's Azure subscriptions and makes them available to you in the next procedure.
    Note: This discovery process discovers only which subscriptions the Service Principal has access to. The process does not discover other resources. You schedule resource Discovery in a later step.