Lab 1: Set up the lab environment that consists of an Azure storage account and an Azure logic app

The main tasks for this exercise are as follows:

  1. Create an Azure storage account

  2. Create an Azure logic app

  3. Create an Azure AD service principal

  4. Assign the Reader role to the Azure AD service principal

  5. Register the Microsoft.EventGrid resource provider

Task 1: Create a storage account in Azure

  1. From the lab virtual machine, start Microsoft Edge and browse to the Azure portal at http://portal.azure.com and sign in by using the Microsoft account that has the Owner role in the target Azure subscription.

  2. From Azure Portal, create a new storage account with the following settings:

    • Subscription: the name of the target Azure subscription

    • Resource group: a new resource group named az3000701-LabRG

    • Storage account name: any valid, unique name between 3 and 24 characters consisting of lowercase letters and digits

    • Location: the name of the Azure region that is available in your subscription and which is closest to the lab location

    • Performance: Standard

    • Account kind: Storage (general purpose v1)

    • Replication: Locally-redundant storage (LRS)

    • Network connectivity: Public endpoint(All networks)

    • Secure transfer required: Enabled

    • Data Lake Storage Gen2: Disabled

      Note: Do not wait for the deployment to complete but instead proceed to the next task.

Task 2: Create an Azure logic app

  1. From Azure Portal, create an instance of Logic App with the following settings:

    • Name: logicapp3000701

    • Subscription: the name of the target Azure subscription

    • Resource group: the name of a new resource group az3000702-LabRG

    • Location: the same Azure region into which you deployed the storage account in the previous task

    • Log Analytics: Off

  2. Wait until the app is provisioned. This will take about a minute.

Task 3: Create an Azure AD service principal

  1. In the Azure portal, in the Microsoft Edge window, start a PowerShell session within the Cloud Shell.

  2. If you are presented with the You have no storage mounted message, configure storage using the following settings:

    • Subsciption: the name of the target Azure subscription

    • Cloud Shell region: the name of the Azure region that is available in your subscription and which is closest to the lab location

    • Resource group: the name of a new resource group az3000700-LabRG

    • Storage account: a name of a new storage account

    • File share: a name of a new file share

  3. From the Cloud Shell pane, run the following to create a new Azure AD application that you will associate with the service principal you create in the subsequent steps of this task:

    $password = 'Pa55w.rd1234'
$securePassword = ConvertTo-SecureString -Force -AsPlainText -String $password
$aadApp30007 = New-AzADApplication -DisplayName 'aadApp30007' -HomePage 'http://aadApp30007' -IdentifierUris 'http://aadApp30007' -Password $securePassword

  4. From the Cloud Shell pane, run the following to create a new Azure AD service principal associated with the application you created in the previous step:

    New-AzADServicePrincipal -ApplicationId $aadApp30007.ApplicationId.Guid

  5. In the output of the New-AzADServicePrincipal command, note the value of the ApplicationId property. You will need this in the next exercise of this lab.

  6. From the Cloud Shell pane, run the following to identify the value of the Id property of the current Azure subscription and the value of the TenantId property of the Azure AD tenant associated with that subscription (you will also need them in the next exercise of this lab):

    Get-AzSubscription

  7. Close the Cloud Shell pane.

Task 4: Assign the Reader role to the Azure AD service principal

  1. In the Azure portal, navigate to the blade displaying properties of your Azure subscription.

  2. On the Azure subscription blade, click Access control (IAM).

  3. Assign the Reader role within the scope of the Azure subscription to the aadApp30007 service principal.

Task 5: Register the Microsoft.EventGrid resource provider

  1. In the Azure portal, in the Microsoft Edge window, reopen the PowerShell session within the Cloud Shell.

  2. From the Cloud Shell pane, run the following to register the Microsoft.EventGrid resource provider:

    Register-AzResourceProvider -ProviderNamespace Microsoft.EventGrid

  3. Close the Cloud Shell pane.

Review

After you completed this exercise, you have created a storage account, a logic app that you will configure in the next exercise of this lab, and an Azure AD service principal that you will reference during that configuration.

results matching ""

    No results matching ""