Azure Permissions used by Dome9

In this topic:

    This topic describes the Azure applications and role permissions that Dome9 uses to manage your accounts.

    The applications, and the role permissions granted to it, give Dome9 permission to manage specific entities (such as Security Groups, Instances, etc) in your Azure account. The roles depend on whether the account is managed as Read-Only or Manage.

    You must create a new Web App/API application (call it Dome9-Connect, for example)

    Read-Only 

    You must add this Access Control role to the Web App/API application, in your subscription:

    •  Reader Role 

    Manage

    You must add these Access Control roles to the Web App/API application, in your subscription:

    • Reader Role 
    • Network Contributor

    See also

    Onboard an Azure account to Dome9