Integration with Microsoft Azure

Termius for Windows, macOS, and Linux allows you to integrate your Microsoft Azure cloud with Termius.

This integration involves the secure import of Virtual Machines to a group in Termius which automatically updates to reflect the changes in your Azure subscription. Once you add or remove a server at Azure or change a VM's details, a host entry will appear, disappear, or be updated in Termius.

For each Virtual Machine at Azure, Termius imports the Name and Public IP address.

To connect Termius to your Azure cloud, you need to:

1. Create an Azure AD application and service principal that can access information about Virtual Machines. Such a service principal can be created with the Azure portal, CLI or PowerShell. The Directory (tenant) ID, Application (client) ID and Secret Value you'll receive will be used by Termius to interact with Azure.

2. Enable importing of your Virtual Machines at Azure to a group.

Note: Azure integration is unavailable in the Starter (free) plan.

Create an Azure service principal

The following instruction describes how to create a service principal with the Azure portal:

1. Navigate to the Azure portal.

2. Select Azure Active Directory from the left-hand side menu.

   
   

   

   
   
   

3. Select App registrations and + New registration
   

   

   
   

4. Enter a name for the application (the service principal name).

5. Select Accounts in this organizational directory only.

6. Then select Register.

7. Copy the Directory (tenant) ID and Application (client) ID to the Tenant ID and Client ID fields in Termius.
   
   

   

8. Select Certificates & secrets and + New client secret under Client secrets
   

   

   
   

9. Provide a Description and set the Expires for the secret

10. Copy the Secret Value to the Client Secret field in Termius
    
    

    

Assign a role to the Azure application

To access information about virtual machines in your subscription, you must assign an appropriate role to the created application. We recommend using a role with minimum required permissions. Termius needs only permission to read information about virtual machines and networks. If you don't want to create a custom role for Termius, you can use the Virtual Machine Administrator Login built-in role.

You can set the scope at the level of the subscription, resource group, or resource. The following instruction describes how to assign a role at the subscription scope:

1. Search for and select Subscriptions, or select Subscriptions on the Home page.

2. Select the particular subscription to assign the application to.

3. Select Access control (IAM).

4. Select Add > Add role assignment to open the Add role assignment page.
   
   

   

5. In the Role tab, select the Virtual Machine Administrator Login role or the role you wish to assign to the application and select the Next button.

6. In the Members tab, select Assign access to -> User, group, or service principal, then select Select members and find your application.
   
   

   

7. Click the Review + assign button.

When your service principal is set up, Termius can load information about virtual machines.

Enable Azure integration in Termius

1. Create an Azure integration in Termius.

2. Copy Directory (tenant) ID of your Azure application to the Tenant ID field.

3. Copy Application (client) ID of your Azure application to the Client ID field.

4. Copy Value of a Client Secret of your Azure application to the Client Secret field.

5. Click ➔ at the top right.