Register and Manage Azure Cloud Accounts

Palette and Palette VerteX integrate with multiple Azure environments to support diverse organizational needs, ranging from standard commercial deployments to highly regulated government workloads. Before deploying clusters, you must register your Azure cloud account so that Palette or Palette VerteX can authenticate, provision, and manage resources on your behalf.

The following table summarizes which Azure clouds and cluster types are supported by Palette or Palette VerteX.

Azure Cloud	Palette	Palette VerteX	IaaS	AKS
Azure Commercial (Public Cloud)	✅	✅	✅	✅
Azure Government	✅	✅	✅	✅
Azure Government Secret	❌	✅	✅	❌

Add Azure Cloud Account

Use the procedures in this section to add the appropriate Azure cloud account to your Palette or Palette VerteX environment. Once registered, you can deploy clusters in your chosen Azure cloud.

Azure Commercial Cloud

Azure Commercial, also known as Azure Public Cloud, is the default option for most clusters deployed in Azure cloud. Adding your Azure Commercial account to Palette or Palette VerteX allows you to provision, manage, and scale clusters across a wide range of global regions with standard Azure services.

Prerequisites

A Palette or Palette VerteX instance with tenant admin access.
An active Azure cloud account with sufficient resource limits and permissions to provision compute, network, and security resources in the desired clouds and regions. Refer to our Azure Required Permissions guide for more information.
An Azure App with valid credentials.

Enablement

Take the following steps to add an Azure Commercial cloud account in Palette or Palette VerteX.

Log in to Palette or Palette VerteX as a tenant admin.
From the left main menu, select Tenant Settings.
From the Tenant Settings Menu, select Cloud Accounts.
Locate Azure and select Add Azure Account.

Fill out the following information, and select Confirm to complete the registration.

Basic Information	Description
Account Name	Enter a custom account name.
Cloud	Select Azure Public Cloud.
Tenant ID	Enter the unique directory (tenant) ID of your Azure subscription. This is found in the Microsoft Entra admin center.
Client ID	Enter the unique application (client) ID of your Azure application. This is found in the Microsoft Entra admin center.
Client Secret	Enter the secret value associated with your Azure application (client). Refer to Microsoft's reference guide for creating a Client Secret.
Tenant Name (Optional)	(Optional) Enter the name of your Azure tenant, if desired.
Disable Properties	Prevent Palette or Palette VerteX from creating Azure Virtual Networks (VNets) and other network resources on your behalf for static placement deployments. If you enable this option, you must manually specify pre-existing VNets, subnets, and security groups when creating clusters.
Connect Private Cloud Gateway	Select this option to deploy clusters to Azure Commercial cloud through a Private Cloud Gateway (PCG). The PCG must be deployed and registered with Palette or Palette VerteX in order to select it from the drop-down.

After providing the required values, Validate the combination of your Tenant ID, Client ID, and Client Secret. If the provided values are correct, the message Credentials validated is displayed. You cannot register your account until your credentials are validated.
Once your cloud credentials are validated, select Confirm to register your Azure Commercial cloud with Palette or Palette VerteX.

Azure Government Cloud

Azure Government is a specialized cloud designed for U.S. government agencies and their partners, offering compliance with strict security and regulatory requirements. By adding your Azure Government account to Palette or Palette VerteX, you can deploy and manage clusters in environments that meet FedRAMP and other compliance standards.

Prerequisites

A Palette or Palette VerteX instance with tenant admin access.
(Self-hosted Palette and Palette VerteX only) A PCG set up and registered with Palette or Palette VerteX if you plan to register both an Azure Commercial and Azure Government account on the same installation. If you do not configure a PCG, you must install two instances of Palette or Palette VerteX: one for Azure Commercial clusters and one for Azure Government clusters.
An active Azure cloud account with sufficient resource limits and permissions to provision compute, network, and security resources in the desired clouds and regions. Refer to our Azure Required Permissions guide for more information.
An Azure App with valid credentials.

Enablement

Take the following steps to add an Azure Commercial cloud account in Palette or Palette VerteX.

Log in to Palette or Palette VerteX as a tenant admin.
From the left main menu, select Tenant Settings.
From the Tenant Settings Menu, select Cloud Accounts.
Locate Azure and select Add Azure Account.

Fill out the following information, and select Confirm to complete the registration.

Basic Information	Description
Account Name	Enter a custom account name.
Cloud	Select Azure US Government.
Tenant ID	Enter the unique directory (tenant) ID of your Azure subscription. This is found in the Microsoft Entra admin center.
Client ID	Enter the unique application (client) ID of your Azure application. This is found in the Microsoft Entra admin center.
Client Secret	Enter the secret value associated with your Azure application (client). Refer to Microsoft's reference guide for creating a Client Secret.
Tenant Name (Optional)	(Optional) Enter the name of your Azure tenant, if desired.
Disable Properties	Prevent Palette or Palette VerteX from creating Azure VNets and other network resources on your behalf for static placement deployments. If you enable this option, you must manually specify pre-existing VNets, subnets, and security groups when creating clusters.
Connect Private Cloud Gateway	Select this option to deploy clusters to Azure Government cloud through a PCG. The PCG must be deployed and registered with Palette or Palette VerteX in order to select it from the drop-down.

After providing the required values, Validate the combination of your Tenant ID, Client ID, and Client Secret. If the provided values are correct, the message Credentials validated is displayed. You cannot register your account until your credentials are validated.
Once your cloud credentials are validated, select Confirm to register your Azure Government cloud with Palette or Palette VerteX.

Azure Government Secret Cloud

Azure Government Secret is a highly restricted cloud environment designed for workloads that require classified data handling. Palette VerteX supports cluster deployments in Azure Government Secret cloud, providing flexibility for organizations that need to meet stringent security requirements.

tech preview

This is a Tech Preview feature and is subject to change. Do not use this feature in production workloads.

Limitations

You must use Palette VerteX to deploy clusters in Azure Government Secret cloud. Multi-tenant Palette SaaS and self-hosted Palette instances are not supported.
Only Azure IaaS clusters can be deployed in Azure Government Secret cloud. AKS clusters are not supported.
Clusters deployed in Azure Government Secret cloud must use static placement and a private API server load balancer with a static IP. As a result, a PCG must be set up and registered with Palette VerteX in order to deploy clusters. The PCG must have a connection to Azure Government Secret cloud.

Clusters deployed in Azure Government Secret cloud must use Azure Disk CSI Driver version 1.31.2-rev2 for the storage layer in your cluster profile.
Clusters deployed in Azure Government Secret cloud must reference the appropriate Spectro Cloud Azure Government Secret Virtual Hard Disk (VHD) image in the OS layer of your cluster profile. These images must be uploaded to your private registry, and the <os-name-and-version> and <kubernetes-version> referenced in the VHD image must match the OS and Kubernetes layers specified in your cluster profile. Only certain OS and Kubernetes combinations are supported. Contact your customer support representative for details.
Example OS layer configuration
```
cloud:
  azure:
    sigImageId: "spectrocloudinfra2022/sig-spectrocloud-infra-<os-name-and-version>-<kubernetes-version>"
```

Prerequisites

A Palette VerteX instance with tenant admin access.
The AzureUSSecretCloud feature flag enabled.
A PCG set up and registered with Palette VerteX. The PCG must have a connection to Azure Government Secret cloud.
An active Azure cloud account with sufficient resource limits and permissions to provision compute, network, and security resources in the desired clouds and regions. This includes the required permissions for static placement.
An Azure App with valid credentials.

Enablement

Take the following steps to add an Azure Government Secret cloud account in Palette VerteX.

Log in to Palette VerteX as a tenant admin.
From the left main menu, select Tenant Settings.
From the Tenant Settings Menu, select Cloud Accounts.
Locate Azure and select Add Azure Account.

Fill out the following information, and select Confirm to complete the registration.

Basic Information	Description
Account Name	Enter a custom account name.
Cloud	Select Azure US Secret.
Tenant ID	Enter the unique directory (tenant) ID of your Azure subscription. This is found in the Microsoft Entra admin center.
Client ID	Enter the unique application (client) ID of your Azure application. This is found in the Microsoft Entra admin center.
Client Secret	Enter the secret value associated with your Azure application (client). Refer to Microsoft's reference guide for creating a Client Secret.
Tenant Name (Optional)	(Optional) Enter the name of your Azure tenant, if desired.
User Certificate	(Azure Government Secret only) Paste the combined TLS certificate chain from Azure Government Secret cloud and your private registry.
Disable Properties	Prevent Palette VerteX from creating Azure VNets and other network resources on your behalf for static placement deployments. If you enable this option, you must manually specify pre-existing VNets, subnets, and security groups when creating clusters.
Connect Private Cloud Gateway	Select this option to deploy clusters to Azure Commercial cloud through a PCG. The PCG must be deployed and registered with Palette VerteX in order to select it from the drop-down. A PCG is required to deploy clusters in Azure Government Secret cloud.

After providing the required values, Validate the combination of your Tenant ID, Client ID, and Client Secret. If the provided values are correct, the message Credentials validated is displayed. You cannot register your account until your credentials are validated.
Once your cloud credentials are validated, select Confirm to register your Azure Government Secret cloud with Palette VerteX.

Validate

Use the following procedure to verify that your Azure cloud account has been added in Palette or Palette VerteX.

Log in to Palette or Palette VerteX as a tenant admin.
From the left main menu, select Tenant Settings.
From the Tenant Settings Menu, select Cloud Accounts.
Confirm that the applicable Azure cloud account is listed in the Azure section.

Next Steps

After you have added your Azure cloud account to Palette or Palette VerteX, you can start deploying an Azure IaaS cluster by following the Create and Manage IaaS Cluster guide, or if you prefer an Azure Managed Kubernetes Service (AKS) cluster, refer to the Create and Manage Azure AKS Cluster guide. We also encourage you to check out the Getting Started tutorials for further guidance on the cluster creation process.

Add Azure Cloud Account​

Azure Commercial Cloud​

Prerequisites​

Enablement​

Azure Government Cloud​

Prerequisites​

Enablement​

Azure Government Secret Cloud​

Limitations​

Prerequisites​

Enablement​

Validate​

Next Steps​

Add Azure Cloud Account

Azure Commercial Cloud

Prerequisites

Enablement

Azure Government Cloud

Prerequisites

Enablement

Azure Government Secret Cloud

Limitations

Prerequisites

Enablement

Validate

Next Steps