Part A - Initial Account Setup

Now we need to create an Azure account. Microsoft gives you 12 months of free services and $200 of free credit towards services that are not free for the first 30 days. Be advised that Microsoft does require a valid phone number and credit card number for identity verification purposes but it is not billed unless you actually use up your free credits and still are using Azure services. They do put a $1 hold on the card. This is a cloud pentesting course and you will need some cloud assets of your own to target throughout the training.

<aside> 💡 It is highly recommended that you set up a new Azure account that is not associated with your corporate email address and that does not have any important personal or corporate resources in it. During the labs, you will be creating vulnerabilities in your cloud subscriptions for testing the techniques taught throughout the course. In order to avoid breaking anything important, it’s best to just use a new account.

</aside>

You must have administrative access over your Azure subscription. You will not be able to modify resources within your subscription if you are not an administrator, which means no labs will work.

If you already have your own personal Microsoft Azure account with administrative access skip to “Part B”.

Azure provides many of their services for free and we should not be using anything that should end up costing you anything however note that some costs may occur. Just keep in mind that by signing up your credit card will be tied to your account so be cautious about your usage. For a better understanding, I highly recommend reading through the FAQ here: https://azure.microsoft.com/en-us/free/free-account-faq/

  1. To sign up for an account first open a web browser to the Microsoft Azure sign-up page.

Create Your Azure Free Account Today | Microsoft Azure

  1. Click the “Start Free” button. If you already have a Microsoft account login with those credentials. If not, click “Create one!”. Enter an email address you control.

https://s3-us-west-2.amazonaws.com/secure.notion-static.com/be421260-629f-449b-80d7-0637ed5b384f/Untitled.png

  1. Create a password then hit “Next”. Microsoft will email you a security code. Enter the code and click “Next”. If a CAPTCHA code is presented enter the correct response.

https://s3-us-west-2.amazonaws.com/secure.notion-static.com/aa6e5700-aa0f-4b7e-9086-e870921bdea8/Untitled.png

  1. Next, Azure requires that you enter contact information along with a Credit Card. (This card is not billed at this time. Upon completion of the training feel free to cancel your account if you no longer wish to have it). They require a text message be sent to the contact number for verification.

https://s3-us-west-2.amazonaws.com/secure.notion-static.com/e66ab2b9-605c-400c-be9b-25f1612457d3/Untitled.png

  1. If you have ever signed up for an Azure account previously and used the same contact information or credit card information you will not be eligible for the “Free account”. However, that being said there are still many “free” resources available if you have a “Pay-As-You-Go plan as well. If you get a response stating that you are not eligible for Free credit sign up with the Pay-As-You-Go plan. On the payment information page click “No technical support” to avoid getting billed for it.

https://s3-us-west-2.amazonaws.com/secure.notion-static.com/6145393d-71a6-4cb6-a637-86f5e4fc9bcd/Untitled.png

Part B - AzureCloudAdmin Setup

To deploy resources to your account during the training you will use an Azure Service Principal user account. The following steps involve the creation of this account and setting the appropriate permissions.

<aside> ✏️ There are 4 items throughout the following setup steps that you will need to document:

</aside>

I. Service Principal Creation