Azure

Automate your team's infrastructure access on Azure.

Setup

1. Create or sign into your Azure account

2. Add Hyphen application

  • Open Azure Cloud Shell

  • Execute the following command:

    az ad sp create --id

  • You should see in the response that the verifiedPublisher contains Hyphen AI Inc with id 6875541.

3. Copy your subscription ID

  • Copy the subscription ID for the subscription you would like to use.

4. Create Hyphen role

  • In the Azure Cloud Shell, enter the following command, replacing ###SUBSCRIPTION_ID### with the subscription ID you copied in the previous step:

    az role definition create --role-definition '{
        "Name": "Hyphen",
        "Description": "Create and manage resources via Hyphen",
        "AssignableScopes": [
            "subscriptions/###SUBSCRIPTION_ID###"
        ],
        "Actions": [
            "Microsoft.Authorization/roleAssignments/write",
            "Microsoft.Authorization/roleAssignments/delete",
            "Microsoft.Authorization/roleAssignments/read",
            "Microsoft.Resources/subscriptions/read",
            "Microsoft.Resources/subscriptions/resourceGroups/read",
            "Microsoft.Resources/subscriptions/resourceGroups/write",
            "Microsoft.Resources/subscriptions/resourceGroups/delete"
        ],
        "NotActions": [],
        "DataActions": [],
        "NotDataActions": []
    }'

5. Assign Hyphen role

  • In the Azure Cloud Shell, enter the following command:

    Note: Replace ###SUBSCRIPTION_ID### with the ID of the subscription where Hyphen will deploy resources.

    az role assignment create --assignee  --role "Hyphen" --scope subscriptions/###SUBSCRIPTION_ID###

6. Grant Hyphen application admin consent

  • In the Azure Portal, search for Hyphen Dev in the search box, and select the Hyphen Enterprise Application.
  • Go to Security > Permissions.
  • On the permissions page, click the Grant admin consent for Default Directory button.
  • Doing so will grant these permissions:
    • Directory.Read.All
    • Group.Read.All
    • User.Read.All

7. Copy and paste your object ID

  • Go to Overview and copy the Object ID of the Hyphen application.

8. Add Enterprise Application tag

  • In the Azure Cloud Shell, enter the following command, replacing ###OBJECT_ID### with the id you copied from the previous step. This will add the Enterprise Application tag to the Hyphen application:

    az ad sp update --id ###OBJECT_ID### --set 'tags=["WindowsAzureActiveDirectoryIntegratedApp"]'

  • Note: When browsing the Enterprise Applications Blade, you may need to remove the "Enterprise Applications" filter to see the Hyphen application.

9. Connect Tenant

  • On the Azure Integration page in the Hyphen portal, test and connect the Azure integration.
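
A check to run after steps 4 and 5, added here as an example (it is not Hyphen's code): it compares the Hyphen role as Azure stored it against the action list and scope given in step 4 and reports any drift. It assumes the JSON shape printed by `az role definition list --name Hyphen` (`roleName`, `assignableScopes`, `permissions[].actions`); the function names, the sample subscription ID and the sample role are constructed.

```python
import json

# Actions granted to the custom role in step 4 of this page.
DOCUMENTED = {a.lower() for a in (
    "Microsoft.Authorization/roleAssignments/write",
    "Microsoft.Authorization/roleAssignments/delete",
    "Microsoft.Authorization/roleAssignments/read",
    "Microsoft.Resources/subscriptions/read",
    "Microsoft.Resources/subscriptions/resourceGroups/read",
    "Microsoft.Resources/subscriptions/resourceGroups/write",
    "Microsoft.Resources/subscriptions/resourceGroups/delete",
)}

def norm_scope(scope):
    # Azure prints scopes with a leading slash; the commands on this page omit it.
    return "/" + scope.strip("/").lower()

def audit_hyphen_role(az_json, subscription_id):
    """Return findings for the 'Hyphen' role; an empty list means no drift."""
    # Assumed input: the JSON list printed by `az role definition list`.
    roles = [r for r in json.loads(az_json) if r.get("roleName") == "Hyphen"]
    if len(roles) != 1:
        return ["expected exactly one role named Hyphen, found %d" % len(roles)]
    role, findings = roles[0], []
    expected = norm_scope("subscriptions/" + subscription_id)
    scopes = role.get("assignableScopes") or []
    if not scopes:
        findings.append("role has no assignable scopes")
    findings += ["assignable scope differs from step 4: " + s
                 for s in scopes if norm_scope(s) != expected]
    granted, data = set(), set()
    for perm in role.get("permissions") or []:
        granted |= {a.lower() for a in perm.get("actions") or []}
        data |= {a.lower() for a in perm.get("dataActions") or []}
    findings += ["action not in the documented role: " + a
                 for a in sorted(granted - DOCUMENTED)]
    findings += ["documented action missing: " + a
                 for a in sorted(DOCUMENTED - granted)]
    findings += ["unexpected data action: " + a for a in sorted(data)]
    return findings

# Constructed sample in the assumed output shape, with two deliberate deviations.
SUB = "00000000-0000-0000-0000-000000000000"
SAMPLE = json.dumps([{
    "roleName": "Hyphen",
    "assignableScopes": ["/subscriptions/" + SUB, "/"],
    "permissions": [{"actions": sorted(DOCUMENTED) + ["*/read"], "dataActions": []}],
}])

if __name__ == "__main__":
    for finding in audit_hyphen_role(SAMPLE, SUB):
        print("FINDING:", finding)
```

The role includes Microsoft.Authorization/roleAssignments/write, so a wider assignable scope or an extra action is worth catching before the tenant is connected in step 9.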

Configuration

| Field | Type | Description |
|---|---|---|
| azureTenantId | string (required) | Azure Tenant ID provided by the user, used to authenticate future requests. |
| subscriptionId | string (required) | Azure Subscription ID provided by the user, used for future requests. |
| name | string | Name pulled during setup, used for reference and display. |

Connections

Permission Group

Permission Group connections link to existing Azure Groups or create a new group if none is provided.

When creating a new group in Azure, the name will be the Hyphen Team name.

Configuration

| Field | Type | Description |
|---|---|---|
| groupId | string | Unique group ID in Azure, used for reference and future calls. |
| groupName | string | Group name in Azure, used for display. |

Connection Input

Provide the Azure group ID to connect to an existing group.

Verification

To verify an existing group, a verification email will be sent to the group owners.

Access

When a Member connection is added to the group, it is added as a member.


Cloud Workspace

Cloud Workspace connections link to existing Resource Groups in Azure or create a new one if none is provided.

When creating a new resource group, the name will combine the Hyphen project name and the Hyphen project environment name.

Configuration

| Field | Type | Description |
|---|---|---|
| resourceGroupId | string | Unique resource group ID in Azure, used for reference and future requests. |
| resourceGroupName | string | Unique resource group name in Azure, used for display and reference. |

Connection Input

Provide the Azure resource group name to connect to an existing Resource Group.

Access

A Team connection will be added with the “Owner” role when added to the resource group.


User

User connections link to existing Azure Users. If no input is provided, the member email will be used to find the existing User.

Configuration

| Field | Type | Description |
|---|---|---|
| userId | string | Unique user ID in Azure. |
| email | string | Unique user email in Azure. |

Connection Input

Provide the Azure member email to connect to an existing User.