Skip to content

Commit

Permalink
Merge pull request #332 from stakater/fix-indentation
Browse files Browse the repository at this point in the history
fixing indentation
  • Loading branch information
rasheedamir authored Oct 29, 2024
2 parents a215fff + ffd2ac8 commit 05d31cd
Show file tree
Hide file tree
Showing 2 changed files with 14 additions and 7 deletions.
12 changes: 8 additions & 4 deletions content/for-administrators/secure-your-cluster/azure-gso.md
Original file line number Diff line number Diff line change
Expand Up @@ -4,13 +4,17 @@
1. Open `Azure Active Directory` service
1. On the left tab under the Manage section, click `App Registrations`
1. Click on `New Registration`. Use `group-sync` under Name and click `Register`
![Azure AD](images/azure-ad.png)

![Azure AD](images/azure-ad.png)
1. The GroupSync job requires additional permissions on the Azure AD tenant. To set these up, add the `Group.Read.All`, `GroupMember.Read.All`,`User.Read.All` entries under the `API Permissions`
![Azure App API Permissions](images/azure-permissions-group-sync.png)

![Azure App API Permissions](images/azure-permissions-group-sync.png)
1. Click on the newly created app `group-sync`. Click `Certificates & secrets` from the left tab. Click `New Client Secret`. Under `Expires` pick any option. Under `Description` enter *saap-group-sync*, and click `Add`
![Certificates and Secrets](images/azure-ad-certificates-secrets.png)

![Certificates and Secrets](images/azure-ad-certificates-secrets.png)
1. Copy the value of the newly created client secret and note the `Application (client) ID` and `Directory (tenant) ID` of the `group-sync` app registration from the `Overview` tab. **Send this to Stakater Support**
![Client-Tenant-ID](images/azure-ad-clientid-tenantid.png)

![Client-Tenant-ID](images/azure-ad-clientid-tenantid.png)

## Items to be provided to Stakater Support

Expand Down
9 changes: 6 additions & 3 deletions content/for-administrators/secure-your-cluster/azure-idp.md
Original file line number Diff line number Diff line change
Expand Up @@ -4,12 +4,15 @@
1. Open `Azure Active Directory` service
1. On the left tab under the Manage section, click `App Registrations`
1. Click on `New Registration`. Use `saap` under Name. Under Redirect URI section Choose `Web` and enter the Redirect URI (**This will be provided by Stakater Support**) and click `Register`
![Azure AD](images/azure-ad.png)

![Azure AD](images/azure-ad.png)
1. Go to "API permissions" and add the required Microsoft Graph API permissions. Typically, you need `User.Read` and `openid`, `profile`, and `email` permissions.
1. lick on the newly created app `saap`. Click `Certificates & secrets` from the left tab. Click `New Client Secret`. Under `Expires` pick any option. Under `Description` put *saap oidc* and click `Add`
![Certificates and Secrets](images/azure-ad-certificates-secrets.png)

![Certificates and Secrets](images/azure-ad-certificates-secrets.png)
1. Copy the value of the newly created client secret and note the `Application (client) ID` and `Directory (tenant) ID` of the `saap` app registration from the `Overview` tab. **Send this to Stakater Support**
![Client-Tenant-ID](images/azure-ad-clientid-tenantid.png)

![Client-Tenant-ID](images/azure-ad-clientid-tenantid.png)

## Items provided by Stakater Support

Expand Down

0 comments on commit 05d31cd

Please sign in to comment.