TrademarkTrademark
Features
Documentation
Pricing
About
Get Started
All articles

Setting up Scalr & Azure DevOps Part 3 - Add Azure credentials

Learn how to authenticate with Microsoft Azure using Scalr provider credentials. Part 3.
Jack RoperMarch 21, 2022
Setting up Scalr & Azure DevOps Part 3 - Add Azure credentials

This was written by Jack Roper, a guest blogger.

To get started using Scalr with Azure DevOps, there are 3 initial stages to go through. In this series of 3 posts on using Scalr with Azure DevOps, I will walk through each stage step-by-step.

This is the second post in the series that will focus on stage 2 — how to add Azure credentials and link them to an environment.

If you missed the first post in the series, check it out here — picking a workflow.

And finally, post 3 in the series will focus on how to execute your Terraform code and create a workspace, both using PR automation, and by Plugging the CLI into Azure DevOps. There is a third way to create a workspace using the module registry as well, but this still uses the VCS connection.

Provider credentials

In order to authenticate with our cloud provider (Microsoft Azure), we need to provide Scalr with some credentials. Credentials can be stored in Scalr in a central location, enabling you to share them across workspaces. They can also be shared across environments, but there can only be one set of credentials per provider type for each environment (I've been told this limitation will be removed very soon and multiple credentials for the same provider will be able to be added to each environment). The credentials are encrypted and are stored securely. Credentials are passed to all workspaces in the environment as shell variables. By doing this, the team can restrict who actually has access to the credentials and all new workspaces will automatically inherit them making management of credentials very easy.

In this post, we will also show how to create the necessary credentials in Azure as an Azure Active Directory app registration, and assign it an appropriate role.

As we will be using Terraform with Scalr to deploy infrastructure to Azure, in the third and final post of the series, we will show how when a Terraform run is executed within a workspace, the provider credentials are automatically passed to the run as a shell variable.

Adding Credentials to Scalr

  1. Log into Scalr and hit the icon top left. Select 'Manage Account' in the drop-down menu.

Scalr account dropdown menu with Manage Account option

  1. If this is the first set of credentials you will be adding, you will be presented with the 'getting started' screen, and the 'add cloud credentials' button.

Scalr getting started screen with add cloud credentials button

Alternatively, if you already have credentials added, hit the icon top left again, and select 'provider credentials' from the drop-down.

Scalr top left menu showing provider credentials option

  1. Choose 'add credentials' then choose the Azure provider from the drop-down menu. Note that if you want to use a provider that does not have an option in Scalr, you can use the shell variable option to achieve similar functionality.

Scalr add credentials button on provider credentials page

Scalr provider dropdown menu with Azure selected

  1. At this point jump over to the Azure portal and log in to your account. Click on Azure Active Directory → App Registrations.

Azure portal Azure Active Directory App Registrations menu

Press register. On the next screen copy the details shown in the essentials section.

Azure App Registration essentials section with application IDs

Next click on secrets -> new client secret

Azure App Registration certificates and secrets new client secret option

Enter the description and the expiry date.

Azure add a client secret dialog with description and expiry fields

Press add, then copy the secret value. You will only be able to see this once.

Next, we need to give the app registration permission to the Azure Subscription we want to use with Scalr. Browse to your subscription, and click on Access Control (IAM).

Azure subscription with Access Control IAM menu highlighted

Click role assignments, then add -> add role assignment.

Azure IAM role assignments tab with add role assignment option

Here I choose contributor (has full access to the subscription but cannot change permissions) then hit next.

Choose 'Select members and in the search bar type the name of the app registration you set up earlier.

Azure role assignment Select members search for the app registration

Azure role assignment showing the selected app registration as a member

Press select, then review & assign.

Azure role assignment review and assign confirmation screen

  1. Back in Scalr, add the details you copied from the app registration:

Scalr Azure provider credentials form with app registration details

Press save. If the connection is successful, your subscription will show in the drop-down subscription menu. Select it and press Save.

  1. Link the provider credentials to the required environments by clicking on the Scalr icon top left, then environments.

Scalr top left icon menu with Environments option

Scalr environments list page

Select the environment, and then the Provider Credentials tab.

Scalr environment Provider Credentials tab

Across from the Azure provider, hit Link, then select the tickbox next to the provider credential we created earlier.

Scalr Link credentials button next to the Azure provider row

Scalr link credential dialog with provider credential tickbox selected

Lastly, press save!

Summary

In this post, we have shown how to create an App Registration in Azure, assign it a role in the subscription, and successfully add it to Scalr as a provider credential. We then linked the provider credential to the Scalr environment.

In the previous post, we linked Scalr to our Azure DevOps VCS provider.

In the next post, we will execute some Terraform code to deploy infrastructure to Azure!

Cheers! 🍻

About the author
Jack RoperDevOps engineer
Jack Roper is a DevOps engineer and technical writer specializing in Terraform and cloud infrastructure.
Part of
Thumbnail of CI/CD and GitOps for Terraform & OpenTofu

CI/CD and GitOps for Terraform & OpenTofu

Comprehensive guide to building robust CI/CD pipelines and implementing GitOps workflows for Terraform and OpenTofu infrastructure automation.
Sebastian Stadil
March 31, 2026
More on this topic
Integrating Terraform with Backstage
The No-Nonsense Guide to ArgoCD
Top 10 Continuous Delivery Tools of June 2025
Top 10 GitOps Tools for 2025: A Comprehensive Guide
Everything you need to know about using Terraform or OpenTofu with Slack
Using Terraform with GitLab
Key DevOps Metrics You Should Be Tracking in 2025
Terraform and OpenTofu with Dependabot
Terraform Notifications in Microsoft Teams
The Complete Guide to DevOps Monitoring Tools in 2025: Choosing the Right Solution for Your Infrastructure
Top Jenkins Alternatives & Specialized IaC Tools
Why You Should Use Dependabot with Terraform and OpenTofu
Mastering Terraform at Scale: A Developer's Guide to Robust Infrastructure
Integrating Terraform Events w/ AWS EventBridge
How to use the Azure DevOps Terraform Provider
Deploying your infrastructure with Scalr and GitHub Actions
Terraform Configuration Ingestion
Setting up Scalr & Azure DevOps Part 3 - Execute Your Terraform Code and Create a Workspace
Setting up Scalr & Azure DevOps Part 1 - Picking a Workflow
Terraform Cost Estimation in 2021: The Definitive Guide