Self-Hosted Azure PaaS Resources

To run Privilege Manager on the Microsoft Azure PaaS platform, deploy the following Azure resources to your Azure subscription.

SQL Database

Create the Azure SQL Database resource for Privilege Manager using a new or existing Azure SQL Server. Any type of Azure SQL Database can be used and a basic single database can be created using these instructions: Create a single database - Azure SQL Database | Microsoft Docs.

  • Make sure to add a firewall rule to the Azure SQL Server to allow connection from Agent Gateway and Management Portal to the SQL Server. You can do so by adding Gateway App Service's outbound addresses to the firewall's rules, or by configuring private connectivity with these instructions (Recommended option)
  • Don't use the following characters in SQL user's password: > &

Management Portal

Create an Azure App service resource for the Privilege Manager Management Portal using the new or existing App Service Plan. Use the following configurations when creating the App Service:

  • Publish: Code
  • Runtime stack: ASP.NET 4.x

Enable HTTPS only for the Azure App service (from App Service TLS/SSL settings page).

Register a custom domain if needed (from App Service Custom domains page).

Configure your App Service or Azure Functions app to use Azure AD login and allow Privilege Manager administrators and Service Desk personnel to access the Azure AD Enterprise Application created when Azure AD authentication is enabled for the Management Portal.

Agent Gateway

Create the Azure App service resource for Agent Gateway using a new or existing App Service Plan. Use the following configurations when creating the App Service:

  • Publish: Code
  • Runtime stack: ASP.NET 4.x

Enable HTTPS only for the Azure App service (from App Service TLS/SSL settings page).

Register a custom domain if needed (from App Service Custom domains page).


See next:

Portal Authentication

Copyright © 2023 Recast Software, LLC. All rights reserved.