Manually configuring Azure Event Grid, Service Bus namespace, and Service Bus queue - Adaptive Applications - BlueCat Gateway - 22.1.1

Cloud Discovery & Visibility Administration Guide


If your Azure user account has write permissions to the Event Subscription, Service Bus queue, and Service Bus namespace, the Enable Visibility after Discovery option attempts to create the namespaces, queue, and event subscription if they do not exist in Azure. If your Azure user account does not have the correct write permissions, you must manually configure the Event Subscription, Service Bus queue, and Service Bus namespace rules. The following section outlines how to create the required rules for your account in Azure to enable visibility.

Cloud Discovery & Visibility creates a hash which is appended to the names of Event Subscription, Service Bus queue, and Service Bus namespace strings. The hash is produced from a string that is a combination of the Address Manager username, the Address Manager URL, the configuration name, the Azure subscription ID, and the Azure resource group, separated by underscores. In the following example, the string consists of the following information:
  • Address Manager username: api
  • Address Manager URL: http://192.168.57.103/Services/API?wsdl
  • Configuration name: (empty)
  • Azure subscription ID: 0df76cb1-4f69-17c5-b73a-18e5f04d4769
  • Azure resource group: rg-1

The example information produces the string api_http://192.168.57.103/Services/API?wsdl_0df76cb1-4f69-17c5-b73a-18e5f04d4769_rg-1. Cloud Discovery & Visibility produces the following hash from this information: 0fc68bb65daaabb158956db7dbe485d8.

You can manually generate the hash of the string using the following command:

    echo -n <string> | md5sum

If the Enable Visibility after Discovery option fails because your account has insufficient write permissions to those services, contact an Azure administrator to grant you temporary write access or have them configure the Event Subscription, Service Bus queue, and Service Bus namespace as follows:
  • Create a Service Bus namespace in your resource group with the name BC-CDV-SB-NS-<hash string>. For example, the namespace created is BC-CDV-SB-NS-0fc68bb65daaabb158956db7dbe485d8.

  • Create a Service Bus queue in your resource group with a name in the following format: BC-CDV-SB-QUEUE-<hash string>. For example, the queue created is BC-CDV-SB-QUEUE-0fc68bb65daaabb158956db7dbe485d8.

  • Create an Event Subscription in your resource group with a name in the following format: BC-CDV-EV-SUBSCRIPTION-<hash string>. In the Event Types, select the following resources:

    • Select Service Bus Queue as an endpoint for the Event Subscription. For example, the event subscription created is BC-CDV-EV-SUBSCRIPTION-0fc68bb65daaabb158956db7dbe485d8.

    Under Filters, select the following Advanced Filters:
    Type                  Value
    Virtual Network       Microsoft.Network/virtualNetworks
    Virtual Machine       Microsoft.Compute/virtualMachines
    Load Balancer         Microsoft.Network/loadBalancers
    Private DNS Zone      Microsoft.Network/privateDnsZones
    DNS Zone              Microsoft.Network/dnszones
    Private Endpoint      Microsoft.Network/privateEndpoints
    Kubernetes Service    Microsoft.ContainerService/managedClusters
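To check names that were created by hand against the formats given above, the helper below (an added example, not BlueCat code) builds the string, hashes it without a trailing newline, and derives the three expected names. The function names are hypothetical, and skipping empty components when joining is an assumption taken from the example string on this page.

```shell
#!/bin/sh
# Added example, not BlueCat code. Derives the names described on this page.

# Join the non-empty components with underscores. Skipping empty components
# is an assumption taken from the page's example, where the empty
# configuration name leaves no extra underscore.
cdv_string() {
    out=''
    for part in "$@"; do
        [ -n "$part" ] || continue
        out="${out:+${out}_}$part"
    done
    printf '%s' "$out"
}

# MD5 of exactly the bytes in $1. printf '%s' never appends a newline; a
# trailing newline (plain `echo`) would produce a different hash.
cdv_hash() {
    printf '%s' "$1" | md5sum | cut -d' ' -f1
}

# Print the expected namespace, queue and event subscription names.
cdv_names() {
    h=$(cdv_hash "$1") || return 1
    printf '%s\n' "BC-CDV-SB-NS-$h" "BC-CDV-SB-QUEUE-$h" "BC-CDV-EV-SUBSCRIPTION-$h"
}

# Succeed only if $2 exactly matches one of the expected names for string $1.
cdv_check_name() {
    cdv_names "$1" | grep -Fxq -- "$2"
}

# Components from the example on this page (configuration name is empty).
example=$(cdv_string api 'http://192.168.57.103/Services/API?wsdl' '' \
    '0df76cb1-4f69-17c5-b73a-18e5f04d4769' 'rg-1')
cdv_names "$example"
```

cdv_check_name returns a non-zero status for any name that differs from the expected format, for example one that uses an underscore where the format requires a hyphen.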

Once you have created the Event Subscription, Service Bus queue, and Service Bus namespace in Azure, you can select the Enable Visibility after Discovery option. After the visibility task has run once and the Event Subscription, Service Bus queue, and Service Bus namespace are defined in Azure, your Azure administrator can revert your Azure account permissions to read-only if you were granted temporary write access.