This page describes things I have set up on the Azure portal.
Prior to writing this, I had Azure Arc set up with my original windows server machine. After moving my server to a new machine (Proxmox VM), I noticed in the Azure portal that the server certificate had expired for Azure Arc. Until this point, I had forgotten I was using Arc, so I had no issue with deleting and starting over.
Initial configuration of Azure Arc is relatively simple, although I changed one small thing. Instead of using a regular user account, I chose to use an app registration for authentication rather than a highly-privileged account. These are the steps I performed:
Once the App Registration and role assignment is complete, the Azure Arc resource can be created. The following steps are performed in Azure:
Next, the script needs to be run on the Windows Server machine, but it will need to be altered to include the app registration info.
"$env:ProgramW6432\AzureConnectedMachineAgent\azcmagent.exe" connect --resource-group "$env:RESOURCE_GROUP" --tenant-id "$env:TENANT_ID" --location "$env:LOCATION" --subscription-id "$env:SUBSCRIPTION_ID" --cloud "$env:CLOUD" --tags 'ArcSQLServerExtensionDeployment=Disabled' --correlation-id "$env:CORRELATION_ID";
"$env:ProgramW6432\AzureConnectedMachineAgent\azcmagent.exe" connect --resource-group "$env:RESOURCE_GROUP" --tenant-id "$env:TENANT_ID" --location "$env:LOCATION" --subscription-id "$env:SUBSCRIPTION_ID" --cloud "$env:CLOUD" --tags 'ArcSQLServerExtensionDeployment=Disabled' --correlation-id "$env:CORRELATION_ID" --service-principal-id "<APP ID>" --service-principal-secret "<APP SECRET>";
Once the script completes, Azure Arc should be connected and you will see the resource in the Azure portal. Double check to ensure it says Connected.