New authentication pattern in Azure DocKit
Azure Doc Kit now has a new authentication mechanism based on Azure Active Directory.
As we wanted to make the generation of Azure documentation as easy as possible, we have remove the need to create and upload a management certificate.
You can now use an Azure Active Directory account to connect to your subscription and generate the document. One important point to note is that the account needs to be global admin on the Active Directory and Subscription Co-Administrator (see last section of this blog post to see the detailed steps to create the account).
The document generation is a two steps process:
Step 1: Enter the Azure Active Directory tenant
In this first step, you need to enter the Azure Active Directory full name that contains the login that you want to use to generate the documentation. This Azure Active Directory must be linked to the subscription that you want to document.
As an example, you should enter Microsoft Azure Active Directory tenant information like mytenant.onmicrosoft.com, nameoutlook.onmicrosoft.com or azuredockit.com if you have custom domain name.
Step 2: Select the subscription that you want to document
Once you have entered the tenant information, you will automatically be redirected to the Microsoft login page.
You need to first enter you login and password and then accept the consent permissions:
Once done select the appropriate subscription and click on Generate Documentation to create the documentation:
How to create a user that has the required privilege to generate documentation
First, select the Azure Active Directory that you want to use to connect to the subscription and click on.
Then enter the information required and select Global Admin as we want the user to be able to list all users, groups and everything in the Active Directory.
Once done, you need to add the user as a Co-Administrator on the subscription so that he gets access to everything in the subscription (support for Read-Only RBAC is in our roadmap).
Go in the subscription settings:
Click on and enter the user you have created in the previous step:
You are now ready to go to use this account to document your subscription.