Automating Cloud Account Information Retrieval
You can enable HPE CV to automatically retrieve cloud network information from your AWS or Azure account. This can make it easier to perform certain tasks as you no longer have to manually enter your cloud provider settings.
For example, when you create a volume, you can select your VPC and VNet settings from drop-down menus in the creation wizard instead of manually typing the information.
Automating AWS Account Information Retrieval
To automate AWS account information retrieval, you must generate an AWS Role ARN and add this identifier to your HPE Cloud Volumes account settings.
- Log into the AWS console and navigate to Services.
- Click IAM.
- In the IAM dashboard, select Roles and then click Create Role.
- Under Select type of trusted entity select Another AWS Account.
- Enter HPE Nimble Account Owner ID 815665286609 into the Account ID field.
- Check the Require external ID check box, and then enter your External ID. (Note that your External ID is the same as the AWS External ID. To obtain your External ID, click User Settings from the user icon menu and copy the ID that appears in the AWS External ID field). Do not check the Require MFA box. Then click Next: Permissions.
Select and add the following policies in the Attach Policy page:
Click Next: Tags after you have added the policies.
(Optional) Add any user-defined tags.
Click Next: Review
Enter a name for the role in the Role Name field, and then click Create Role.
- Click the newly created role, and then copy the Role ARN to the clipboard.
- In the HPE CV main menu, click Cloud Accounts
- Select the Cloud Account that you created when you registered your cloud provider and then click Edit Cloud Account from the Actions menu.
- Paste your Role ARN into the Role ARN field, and then click Next.
- Select the users who you want to access the cloud account and then click Save.
Automating Azure Account Information Retrieval
To automate Azure account information retrieval:
- Create a new Azure application.
- Create new instances of the following identifiers:
- Azure Client ID
- Azure Secret
- Azure Tenant ID
- Enable the new application to make changes to your Azure account.
- Add the new identifiers to HPE CV settings.
To perform these tasks, complete the following steps:
- Log in to the Azure portal and go to the Azure Active Directory.
- Select App Registrations.
- Click New Registration.
- Complete the following steps:
- Enter a name for the application in the name field. (Example: HPE CV). Record this information for future use.
- Under Redirect URIC select Web.
- Type any valid URL in the Redirect URI field. (Example: http://localhost:8080).
- Click Register.
- Navigate to Apps Registration and complete the following steps:
- Click the application name.
- Click Certificates & Secrets.
- Click New Client Secret.
- Select a time frame.
Click Add. This generates a Value. Record the Value that is generated for future use.
Note: The Value is the Azure Secret that you will add to HPE CV Settings.
Close the Certificates & Secrets pane, and then navigate to Apps Registration.
- Click the registration name.
- Copy the Application (client) ID and the Directory (tenant) ID, and record these values for future use. (Note that you will need to add both the client ID and the tenant ID to your HPE CV settings.)
- Navigate to the Subscriptions section of the Azure portal and click the Subscription ID that contains the resources you want to access.
- Grant the new application privileges to make changes in your Azure account by completing these steps:
- In the Subscription section, click Access Control (IAM)and then click Add.
- Select Add Role Assignment.
- Select the Contributor role.
- In the Select field, type and search for the application name that you specified in Step 4. When the application is found, select it.
- Click Save.
- Add the Client ID, Tenant ID, and Secret that you obtained and recorded in the previous steps to HPE CV settings:
- In the HPE CV main menu, click Cloud Accounts.
- Select the Cloud Account that you created when you registered your cloud provider, and then click Edit Cloud Account from the Actions menu.
- Enter your Client ID, Tenant ID, and Secret in the appropriate fields, and then click Next.
- Select the users who you want to access the cloud account, and then click Save.