> ## Documentation Index
> Fetch the complete documentation index at: https://docs.scale3labs.com/llms.txt
> Use this file to discover all available pages before exploring further.

# Guide for Azure

> This doc will help you setup Nodepilot on Azure Account

Nodepilot makes it easy to setup and maintain a standalone blockchain node on Azure. This guide will help you with the steps that you need to perform for Nodepilot.

# Prerequisites

* An Azure account
* Azure Virtual Network setup with subnets in desired location

# Create Service Principal

For Nodepilot to be able to crete and manage resources on your Azure account, you need to .

You can create an access key by following the instructions.

<Tabs>
  <Tab title="Azure Console">
    1. Login to your Azure Account:
       Log in to your Azure account using the Azure portal: [https://portal.azure.com/](https://portal.azure.com/)
    2. In the search bar type in “Marketplace”

    * Type in “Scale 3” in the marketplace search bar

    * Click on “Scale 3” and then subscribe
          <img src="https://mintcdn.com/scale3labs/UCE5WUGPVmoirSQa/images/azure1.png?fit=max&auto=format&n=UCE5WUGPVmoirSQa&q=85&s=5bf1a01c4ee9b60d19df4468cc1ac22d" alt="" width="2340" height="1054" data-path="images/azure1.png" />

    * Selected your superscription, create a resource group and name your SaaS details
          <img src="https://mintcdn.com/scale3labs/UCE5WUGPVmoirSQa/images/azure2.png?fit=max&auto=format&n=UCE5WUGPVmoirSQa&q=85&s=a91d6bbb267ae7e4a9a933d05cba2a15" alt="" width="1428" height="1368" data-path="images/azure2.png" />

    * Press “Next Tabs”, and add tags (optional)

    * Press “Next review and Subscribe

    * Review all of the information then press subscribe.
          <img src="https://mintcdn.com/scale3labs/UCE5WUGPVmoirSQa/images/azure3.png?fit=max&auto=format&n=UCE5WUGPVmoirSQa&q=85&s=8b68ea0d845e2512222ed26e09c96673" alt="" width="1222" height="1368" data-path="images/azure3.png" />
      * Your subscription is being processed. Wait about a minute then click on “Configure account now”
      * A new page will open to create a scale3 account. (**Hold off for now, this step will be last**)

    3. Create a Service Principal:

       * In the left-hand menu, select “Microsoft Entra ID”
             <img src="https://mintcdn.com/scale3labs/UCE5WUGPVmoirSQa/images/azure4.png?fit=max&auto=format&n=UCE5WUGPVmoirSQa&q=85&s=afb2d050f5d570886de46beab94a4524" alt="" width="421" height="839" data-path="images/azure4.png" />
       * Go to "App registrations" and click on "+ New registration".
             <img src="https://mintcdn.com/scale3labs/UCE5WUGPVmoirSQa/images/azure5.png?fit=max&auto=format&n=UCE5WUGPVmoirSQa&q=85&s=3dd3539029e23f4979862790d40101eb" alt="" width="2866" height="1278" data-path="images/azure5.png" />
       * Fill in the necessary details for your application, such as the name.
       * Under "Supported account types", choose "Accounts in this organizational directory only (Default Directory only - Single tenant)"
       * Click "Register" to create the app registration.

    4. Create a Client Secret:
       * After creating the app registration, go to the "Certificates & secrets" section on the left.
       * Under the "Client secrets" section, click on "+ New client secret".
             <img src="https://mintcdn.com/scale3labs/UCE5WUGPVmoirSQa/images/azure6.png?fit=max&auto=format&n=UCE5WUGPVmoirSQa&q=85&s=69a786fa7b6ea65aa7fa878495f4c575" alt="" width="1906" height="1384" data-path="images/azure6.png" />
       * Add a description, choose an expiration, and click "Add".
       * Copy the client secret value before leaving the page. You will need it later.
             <img src="https://mintcdn.com/scale3labs/UCE5WUGPVmoirSQa/images/azure7.png?fit=max&auto=format&n=UCE5WUGPVmoirSQa&q=85&s=9f3a59cebbaae6d249cca90af2779181" alt="" width="2834" height="1402" data-path="images/azure7.png" />

    5. Assign Role (Permissions) to Service Principal:

       * Once the client secret is created, go to the Azure resource group you want your application to have access to.
         If you don't have a Resource Group, create one on the Azure portal [here](https://portal.azure.com/#create/Microsoft.ResourceGroup). Note down the Resource Group name, Subscription Name and Region.
       * In the resource group's "Access control (IAM)" section, click on "Add role assignment".
             <img src="https://mintcdn.com/scale3labs/UCE5WUGPVmoirSQa/images/azure8.png?fit=max&auto=format&n=UCE5WUGPVmoirSQa&q=85&s=5e254abbdcb8e2e5c7e586aaa3daba64" alt="" width="2588" height="1472" data-path="images/azure8.png" />
       * In "Priviledged administrator roles" tab, select "Contributor" role, click next.
             <img src="https://mintcdn.com/scale3labs/_YBC6j0AAsWI2tQU/images/azure9.png?fit=max&auto=format&n=_YBC6j0AAsWI2tQU&q=85&s=995082393e22bc1b94594e99577ad0a4" alt="" width="2850" height="1408" data-path="images/azure9.png" />
       * Select members, search for the app registration (service principal) you created, and review and assign.
             <img src="https://mintcdn.com/scale3labs/UCE5WUGPVmoirSQa/images/azure10.png?fit=max&auto=format&n=UCE5WUGPVmoirSQa&q=85&s=5a0ab47a5e1891e88ee70bfeab057722" alt="" width="1172" height="645" data-path="images/azure10.png" />
             <img src="https://mintcdn.com/scale3labs/UCE5WUGPVmoirSQa/images/azure11.png?fit=max&auto=format&n=UCE5WUGPVmoirSQa&q=85&s=c21013c4e42f5e20bde2e0a2260f20bf" alt="" width="1170" height="648" data-path="images/azure11.png" />

    6. To get the app id and tenant id, open the app registration overview page, you will see the app id and tenant id there.
           <img src="https://mintcdn.com/scale3labs/UCE5WUGPVmoirSQa/images/azure12.png?fit=max&auto=format&n=UCE5WUGPVmoirSQa&q=85&s=f2a748ca9a9ef6cd4180ce619633207f" alt="" width="2332" height="956" data-path="images/azure12.png" />

    7. To find the subscription id, you need to open the subscription page, you will see the subscription id there. Make sure to use the same subscription that you used in assigning the role to the service principal.
           <img src="https://mintcdn.com/scale3labs/UCE5WUGPVmoirSQa/images/azure13.png?fit=max&auto=format&n=UCE5WUGPVmoirSQa&q=85&s=e5186443da11f932672a97203b430112" alt="" width="1180" height="628" data-path="images/azure13.png" />

    # Connect Azure Platform

    1. Go to [https://scale3labs.com/](https://scale3labs.com/)
    2. Sign in or create a new account
    3. On the home page, create a new node, then deploy.
           <img src="https://mintcdn.com/scale3labs/_YBC6j0AAsWI2tQU/images/connectazure.png?fit=max&auto=format&n=_YBC6j0AAsWI2tQU&q=85&s=2ad48dafd93fcc64f4815f323688c6eb" alt="" width="2858" height="818" data-path="images/connectazure.png" />
    4. Enter the following information for your node.
    5. Select Azure as the "platform".
    6. In the "Connected Plaform" section, select "+ Connect Platform"
    7. Enter the following information from the Azure account from the previous steps.
           <img src="https://mintcdn.com/scale3labs/_YBC6j0AAsWI2tQU/images/connectazure1.png?fit=max&auto=format&n=_YBC6j0AAsWI2tQU&q=85&s=0673ee8fc7249f574ab86b8fee8acdb2" alt="" width="2184" height="1288" data-path="images/connectazure1.png" />
    8. Once you've done this, click "Connected Platform at the bottom and finish deploying your node.
    9. Your node will be up and running shortly.
  </Tab>

  <Tab title="Azure Cli">
    This step assumes that you have installed and configured Azure CLI on your machine. If not, you can follow the instructions [here](https://learn.microsoft.com/en-us/cli/azure/install-azure-cli).

    1. List Subscriptions
       ```bash theme={null}
       az account list
       ```
       Here, you may see multiple subscriptions, select the one that you want to use for Nodepilot. Copy the subscription ID to be used in the next step.
    2. Set the Subscription
       ```bash theme={null}
       az account set --subscription="<Subscription ID>"
       ```
    3. Create Service Principal
       ```bash theme={null}
       az ad sp create-for-rbac --role="Contributor" --scopes="/subscriptions/<Subscription ID>"
       ```
       Here, we are giving contibutor access, but you can restrict the access just to desired services.
    4. Copy `appId`, `password` and `tenant` from the output and keep it safe. You will need it later.
  </Tab>
</Tabs>

# Inputs to Scale3 Nodepilot

Nodepilot requires some inputs to run the setup. The following are the inputs that you need to provide:

|         Property         |                Description                |        Example       |                               Comments                               |
| :----------------------: | :---------------------------------------: | :------------------: | :------------------------------------------------------------------: |
|         Hostname         |             Name of the server            | sui-mainnet-fullnode | This will be used as the hostname of the server and visible on Azure |
|         Location         |               Azure location              |      West Europe     |             Location where you want to create the server             |
|         VPC Name         |         Azure Virtual Network Name        |      scale3-vpc      |             VPC Name where you want to create the server             |
|    VPC Resource Group    | Azure Virtual Network Resource Group Name |     scale3-vpc-rg    |                       Resource Group of the VPC                      |
|        Subnet Name       |  Azure Virtual Network Subnet Name to use |      scale3-sub      |            Subnet Name where you want to create the server           |
|    Blockchain network    | Blockchain network to deploy the node for |      sui-mainnet     |                  Supported mainnet, testnet, devnet                  |
| Service Principal App Id |            App Registration ID            |           -          |              Application (client) ID of the Application              |
|       Client Secret      |        Secret value of Application        |           -          |         Application Client secret value of the registered app        |
|          Tenant          |              Tenant ID value              |           -          |                    Tenant ID of the Azure account                    |
|      Subscription ID     |       Azure billing Subscription ID       |           -          |                 Subscription ID of the Azure account                 |

# Resources Provisioned

* Azure Linux VM with 50 GB of OS disk.
* Standard SSD Disk for storing blockchain data
* Firewall rules to allow traffic to node
  * Allow SSH from Nodepilot IPs.
  * Allow traffic to required ports from anywhere.
