Skip to main content
TrueFoundry supports integrating with multiple Azure services like ABS, ACR, Azure Vault, AKS, Azure OpenAI Models, Azure Repos etc. To integrate any of the above services, you simply need to add your Azure account as a provider account and add integrations for the same as shown below:
Share access with users, teams or everyone in your TrueFoundry account As shown in the previous slides, you can share access of each integration with users, teams or everyone in your TrueFoundry account. This would allow them to view and use the integration. Only tenant-admins can edit the integrations.

Azure Blob Storage(ABS) Integration

Follow the steps below to connect your Azure blob storage to TrueFoundry:
  1. Create a Azure Storage account in your resource group
    1. Instance details - You must Geo-redundant storage to make sure your data is available through other regions in case of region unavailability.
    2. Security - Make sure
      1. DISABLE Allow enabling anonymous access on individual containers
      2. ENABLE Enable storage account key access
    3. Network access - ENABLE Allow public access from all networks
    4. Recovery - You can keep it to default for 7 days.
  2. Create an Azure container inside the above storage account.
  3. Search for CORS from the left panel and for Blob service (optional for File service Queue service and Table Service, only apply the change if you are using them) select the below options
    1. Allowed Origins - * or your control plane URL
    2. Allowed Methods - GET, POST, PUT
    3. Allowed Headers - *
    4. Exposed Headers - Etag
    5. MaxAgeSeconds - 3600
  4. Collect the following information
    1. Standard endpoint - Endpoint of the blob storage Once the container is created we need to get the standard endpoint of the blob storage along with the container which will look something like this. Replace this with your storage account name and the container name. 
      https://*mystorageaccount*.blob.core.windows.net/*mycontainer*/
    2. Connection string - From the Azure portal in your storage account, head over to the Security + Networking section under Access keys which will contain the Connection String .
  5. Head over to the Integrations tab from the sidebar and follow the steps shown in the previous demo to complete the integration.

Azure Container Registry(ACR) Integration

To add Azure Container registry, follow the steps below:
  1. Create an Azure container registry in your Azure resource group.
    1. Connectivity access - Public from (all networks)
  2. Collect the following information
    1. Your container registry name will be in the format <name>.azurecr.io
    2. The username and password for the container registry can be copied from Access keys under Settings in the left panel of the Azure portal in your container registry resource.
      Enable the Admin User to copy the username and the password
  3. Head over to the Integrations tab from the sidebar and follow the steps shown in the previous demo to complete the integration.

Azure AKS integration

To add support of Azure AKS integration, follow the below steps
  1. Create an Azure Ad App registration
  2. Create a client secret for the Azure AD application with custom expiration set to a long time. You can do this from the left panel -> Certificates and Secrets.
  3. Head over to the AKS cluster and add Reader and Monitoring Reader role to the above Azure AD application. This can be done from Azure portal -> kubernetes services -> AKS cluster -> Access Control.
  4. Head over to the Integrations tab from the sidebar and follow the steps shown in the previous demo to complete the integration.

Azure Key Vault Integration

To add Azure Key Vault as a secret store, follow the below steps: Prerequisites
  1. Create an Azure Key Vault in your resource group if you don’t have one already.
    1. Navigate to the Azure Portal and search for “Key Vaults”.
    2. Click + Create to create a new Key Vault.
    3. Select your subscription and resource group.
    4. Enter a unique name for your Key Vault
    5. Select the region and pricing tier.
    6. Click Review + create and then Create.
  2. Ensure the Azure provider account used for the integration has the necessary permissions to access the Key Value, also make sure that you give all read, write, list and delete permissions.
Adding Azure Key Vault in TrueFoundry
  1. Navigate to Integrations from the sidebar and click Add Integration Provider.
  2. Select Azure as the provider type.
  3. Fill in the provider account details:
    FieldDescription
    NameA unique name for your Azure provider account. Must be 3-32 lowercase alphanumeric characters, may contain hyphens, and cannot start with a number.
    Azure Subscription Id (Optional)Your Azure subscription ID.
Azure Key Vault Integration Form in TrueFoundry

Azure Key Vault Integration Form

  1. Under Integrations, click to expand Azure Vault and fill in the following:
    FieldDescription
    Display NameThe name that will be displayed in the TrueFoundry UI for this integration.
    Azure Key vault NameThe name of your Azure Key Vault (e.g., my-vault-name).
    Access Control (Optional)List of users or teams allowed to use this integration. Format: <user_type>:<username>. Defaults to everyone.
    Azure OAuth (Optional)Enable this to use Azure OAuth for authentication.
  2. Click Add Integration Provider to save your integration.