CLI Configuration

I have this. Just give me the steps...

This tool will generate the App Registration, Service Principal and assign a role, then generate the secret to allow programmatic access. It will then push these details directly into the Tuono credential Vault via the Tuono API.

Static Credential Tool

• Connect directly to the Azure Cloud Shell

If you haven't already, you will be requested to provision a small amount of storage for Cloud Shell to use. You can accept all the defaults here.

• Download the file tuono_credential_add.py with wget and make it executable. Copy the following in to the Cloud Shell terminal:

wget https://raw.githubusercontent.com/tuono/tuono-open-tools/main/tuono_credential_add.py \
    && chmod +x tuono_credential_add.py

To examine the code, please review it in GitHub

• To execute the script, provide the following details (this might be easier in a text editor) and copy it in to the Azure Cloud Shell terminal. NOTE: You can use any name you like for the app_name and credential.

./tuono_credential_add.py \
    --username '<tuono_username>' \
    --venue 'azure' \
    --subscription '<azure_subscription>' \
    --app_name '<new_app_name>' \
    --credential '<new_credential_name>'

• This should output:

<user>@Azure:~$ ./tuono_credential_add.py --username "scott.harrison.t1@tuono.com" --venue "azure" --subscription "Playground: sharrison" --app_name "azure_test" --credential "azure_test"

Please enter the Password for <tuono_username>:
2021-01-26 19:31:42,385 INFO Generating Subscription details
2021-01-26 19:31:42,896 INFO Creating App Registration <new_app_name>
2021-01-26 19:31:47,145 INFO Generating Client Secret
2021-01-26 19:31:49,098 INFO Waiting 20s reconcile the secret creation
2021-01-26 19:32:09,108 INFO Creating Service Principal
2021-01-26 19:32:10,468 INFO Waiting 20s reconcile the Service Principal creation
2021-01-26 19:32:30,482 INFO Creating role assignment
2021-01-26 19:32:34,337 INFO Waiting 20s reconcile role assignment
2021-01-26 19:32:55,301 INFO Credential details for the Tuono Portal. THESE WILL NOT BE LOGGED:

{
  "client": "<client>",
  "cred_type": "static",
  "name": "<new_app_name>",
  "secret": "<secret>",
  "subscription": "<subscription>",
  "tenant": "<tenant>"
}

2021-01-27 08:32:51,249 INFO Keep these details in a secure place. If you lose these you will need to recreate the registration
2021-01-27 08:32:51,249 INFO Making REST call to add credentials to the Tuono Portal
2021-01-27 08:32:53,599 INFO Job still running
2021-01-27 08:33:04,424 INFO Pushing credentials to Tuono succeeded!
2021-01-27 08:33:04,425 INFO To see DEBUG logs, please review tuono_azure_setup.txt. Command: less tuono_azure_setup.txt

Take a note of the Credential details for the Tuono Portal. This is the only time you will be able to obtain the secret key, so store it in a safe and secure location. If you forget this, you will need to recreate the App Registration.

If you have completed this successfully, you can skip the "Add Cloud Credential to Tuono" section, as this has already been done for you via the API. Head over to the Tuono Portal to confirm that the credentials were successfully added. If there are any issues, the credential details in the terminal can be used to manually add your credentials.