Azure
Automate your team's infrastructure access on Azure.
Setup
- Create or sign into your Azure account
- Connect your Azure organization to Hyphen
- Sign in with your Azure account
- Select the Azure tenant you wish to connect
- Select a subscription to use for resource management
Important: The user performing the integration must have the Global Administrator role in the Azure Active Directory tenant and must be assigned as Owner on the subscription that will be used.
That's it! After you've completed these steps, Hyphen will automatically:
- Verify the credentials and selected tenant
- Grant necessary permissions to the Hyphen service
- Configure the required role assignments for resource management
Required Permissions
The one-click installation requires the following Microsoft Graph API permissions:
CrossTenantInformation.ReadBasic.AllAppRoleAssignment.ReadWrite.AllApplication.ReadWrite.AllRoleManagement.ReadWrite.Directory
Required OAuth Scopes
To perform the setup and ongoing management securely, Hyphen requires access to the following Azure scope:
https://management.azure.com/user_impersonation
https://management.azure.com/user_impersonationThis scope allows Hyphen to manage resources across your Azure organization. It is required to:
- List subscriptions and tenants
- Create and manage resource groups
- Assign roles and permissions to users and groups
- Manage Azure resources on your behalf
These permissions are necessary to let Hyphen create and manage Azure resources and access control on your behalf.
Configuration
| Field | Type | Description |
|---|---|---|
azureTenantId | string (required) | Azure Tenant ID provided by the user, used to authenticate future requests. |
subscriptionId | string (required) | Azure Subscription ID provided by the user, used for future requests. |
name | string | Name pulled during setup, used for reference and display. |
Connections
Permission Group
Permission Group connections link to existing Azure Groups or create a new group if none is provided.
When creating a new group in Azure, the name will be the Hyphen Team name.
Configuration
| Field | Type | Description |
|---|---|---|
groupId | string | Unique group ID in Azure, used for reference and future calls. |
groupName | string | Group name in Azure, used for display. |
Connection Input
Provide the Azure group ID to connect to an existing group.
Verification
A verification email will be sent to the group owners' emails to verify existing groups.
Access
A Member connection will be added as a member when added to the group.
Cloud Workspace
Cloud Workspace connections link to existing Resource Groups in Azure or create a new one if none is provided.
When creating a new resource group, the name will combine the Hyphen project name and the Hyphen project environment name.
Configuration
| Field | Type | Description |
|---|---|---|
resourceGroupId | string | Unique resource group ID in Azure, used for reference and future requests. |
resourceGroupName | string | Unique resource group name in Azure, used for display and reference. |
Connection Input
Provide the Azure resource group name to connect to an existing Resource Group.
Access
A Team connection will be added with the “Owner” role when added to the resource group.
User
User connections link to existing Azure Users. If no input is provided, the member email will be used to find the existing User.
Configuration
| Field | Type | Description |
|---|---|---|
userId | string | Unique user ID in Azure. |
email | string | Unique user email in Azure. |
Connection Input
Provide the Azure member email to connect to an existing User.
Updated 4 days ago