The goal of the integration process is to securely establish a Service Principal in your Azure tenant for the Lucidity AutoScaler application, which is hosted in Lucidity’s Azure AD tenant. This enables Lucidity to perform automated storage scaling operations while maintaining least-privilege access and full auditability. To allow this, your Azure tenant must trust Lucidity’s Multi-Tenant Application:
Lucidity AutoScaler App ID: 4f2c2c1f-372a-4904-b13d-11e2467679f2
Lucidity does not create this application in your tenant. Instead, Azure automatically creates a Service Principal instance of the Lucidity application within your subscription during onboarding. There are two ways to complete the integration:
Automated Integration via Lucidity Dashboard (Recommended)
Lucidity automatically initiates creation of the Service Principal and assigns the required RBAC roles through the dashboard.
Manual Setup
Used only when the automated flow is not permitted due to security or policy constraints.
Both Automated Integration via Lucidity Dashboard and Manual Setup perform the following actions to ensure secure and effective integration of your Azure account with the Lucidity backend:
Creation of New Service Principal
A new service principal is created and linked to the Lucidity Application. This service principal acts as a security identity used by Lucidity to access Azure resources.
Creation of Custom Role
Depending on the selected services (AutoScaler, Assessment, or both), one or two custom roles are created. These roles define the permissions required by Lucidity to manage and monitor Azure resources effectively.
Note
If both Assessment and AutoScaler are chosen, two distinct roles are created to accommodate the specific permissions needed for each service.
Linking Service Principal to Custom Role
The newly created service principal is linked to the custom role(s) across one or more Azure subscriptions. This ensures that Lucidity has the appropriate level of access to perform its operations.
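After onboarding, the resulting grant can be checked against what was intended. The following is an added example, not Lucidity's own tooling: it audits role assignments exported for the service principal and flags any role or scope outside the expected custom roles and approved subscriptions. The role names, subscription IDs and sample JSON are constructed placeholders.

```python
import json

# Hypothetical values: the page does not name the custom roles or your subscriptions.
EXPECTED_ROLES = {"Lucidity AutoScaler Role", "Lucidity Assessment Role"}
APPROVED_SUBSCRIPTIONS = {"11111111-1111-1111-1111-111111111111"}

# Constructed sample shaped like the JSON printed by:
#   az role assignment list --all --assignee 4f2c2c1f-372a-4904-b13d-11e2467679f2 -o json
SAMPLE = json.dumps([
    {"roleDefinitionName": "Lucidity AutoScaler Role",
     "scope": "/subscriptions/11111111-1111-1111-1111-111111111111"},
    {"roleDefinitionName": "Contributor",
     "scope": "/subscriptions/11111111-1111-1111-1111-111111111111"},
    {"roleDefinitionName": "Lucidity Assessment Role",
     "scope": "/subscriptions/22222222-2222-2222-2222-222222222222/resourceGroups/rg-data"},
    {"roleDefinitionName": "Lucidity AutoScaler Role",
     "scope": "/providers/Microsoft.Management/managementGroups/mg-root"},
])


def subscription_of(scope):
    """Return the subscription GUID a scope sits in, or None if it is not under a subscription."""
    parts = scope.strip("/").split("/")
    if len(parts) >= 2 and parts[0].lower() == "subscriptions":
        return parts[1].lower()
    return None


def audit(assignments_json):
    """Return (reason, role, scope) for every assignment outside the expected grant."""
    findings = []
    for a in json.loads(assignments_json):
        role, scope = a["roleDefinitionName"], a["scope"]
        sub = subscription_of(scope)
        if role not in EXPECTED_ROLES:
            findings.append(("unexpected-role", role, scope))
        if sub is None:
            # Management-group or root scope is broader than any single subscription.
            findings.append(("scope-above-subscription", role, scope))
        elif sub not in APPROVED_SUBSCRIPTIONS:
            findings.append(("unapproved-subscription", role, scope))
    return findings


if __name__ == "__main__":
    for finding in audit(SAMPLE):
        print(*finding, sep="\t")
```

Replace `EXPECTED_ROLES` and `APPROVED_SUBSCRIPTIONS` with the custom role names and subscription IDs from your own onboarding before running it on real output.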