Skip to main content

Azure Marketplace

Deploy from Azure Marketplace

  1. Ensure the logged in user has the required roles/permissions on the subscription where it is being deployed.
    1. If the Owner role is not assigned, recommended roles on Azure Subscription are:
      • Contributor
      • Role Based Access Control Administrator for role assignment of Service Principals to the following roles:
        • Contributor
        • Key Vault Secret Officer
        • Key Vault Cypto Officer
        • Key Vault Certificate Officer
        • Monitoring Metrics Publisher
    2. If more granular permissions are desired, recommended permissions on Azure Subscription are:
      • Actions
        • Microsoft.Resources/*
        • Microsoft.AlertsManagement/*
        • Microsoft.Communication/*
        • Microsoft.Insights/*
        • Microsoft.KeyVault/*
        • Microsoft.ManagedIdentity/*
        • Microsoft.OperationalInsights/*
        • Microsoft.Sql/*
        • Microsoft.Web/*
        • Microsoft.Authorization/roleAssignments/* for role assignment of Service Principals
  2. Ensure the following providers are registered:
    • Microsoft.AlertsManagement
    • Microsoft.Communication
    • Microsoft.Insights
    • Microsoft.KeyVault
    • Microsoft.ManagedIdentity
    • Microsoft.OperationalInsights
    • Microsoft.Sql
    • Microsoft.Web
  3. Go to the Marketplace listing: https://azuremarketplace.microsoft.com/marketplace/apps/whoiamai1647469237981.locksmith
  4. Click Get It Now and follow the instructions.

Pull new releases from WhoIAM container registry

The Azure Marketplace does not provide a way for existing deployments to get updates or new releases. However, it is possible to update the App Service resource to pull new releases from the WhoIAM container registry. You may request access to this registry from WhoIAM which will allow the following ARM template to be executed.

Convert App Service to Pull Container Image from Registry

Deploy to Azure

  1. Load ARM Template in Azure Portal by clicking the button above or following the steps below.
    1. Download the convertAppServiceToContainer ARM template.
    2. Navigate to https://portal.azure.com/#create/Microsoft.Template
    3. Select "Build your own template in the editor"
    4. Select Load file, select the downloaded template file, and select Save.
  2. Select the resource group containing the App Service resource.
  3. Enter the following parameters:
    • App Service Name = <name of resource>
    • Container Registry Image = locksmith
    • Container Registry Image Tag = <provided by WhoIAM>
    • Container Registry Server URL = <provided by WhoIAM>
    • Container Registry Server name = <provided by WhoIAM>
    • Container Registry Server password = <provided by WhoIAM>
  4. Select Review + create and then Create.