Follow these steps to connect an Azure account to CloudSploit:
Create an Azure App Registration for CloudSploit
- Log in to your Azure Portal and navigate to the Azure Active Directory service.
- Select App registrations and then click on New Application registration.
- Enter CloudSploit or another descriptive name in the Application Name field, then select Web app/API and enter https://console.cloudsploit.com in the Sign-On URL field.
- Leave the "Supported account types" default: "Accounts in this organizational directory only (YOURDIRECTORYNAME)".
- Click on Register.
- Copy the Application ID and keep it for future use in the account connection wizard.
Create Client Secret
- Click on Certificates & Secrets.
- Under Client Secrets, click on "New Client Secret."
- Enter a Description (e.g. Cloudsploit-2019) and select Expires "Never".
- Click on Add.
- Copy the Key Value and keep it for future use in the account connection wizard.
Get your Directory and Subscription IDs
Get your Directory ID
- Navigate to the Azure Active Directory service.
- Select Properties. Click to copy the Directory ID and keep it for future use in the account connection wizard.
Get your Subscription ID
- Navigate to Cost Management and Billing.
- Click on Subscriptions, copy the relevant Subscription ID and keep it for future use in the account connection wizard.
Apply Permissions
- Click on the Subscription ID from the Subscriptions page.
- Click on "Access Control (IAM)".
- Click "Add role assignment".
- In the "Role" drop-down, select "Security Reader".
- In the "Select" drop-down, type the name of the app (e.g. "CloudSploit") you created and select it.
- Repeat the process for the "Log Analytics Reader" role.
- Click "Save".
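After the permissions are applied, it is worth confirming that the app holds exactly the two read-only roles at subscription scope and nothing else. The following is an added example, not part of the original instructions or of CloudSploit's own code: it audits role assignments exported as JSON, assuming the shape of `az role assignment list --assignee <Application ID> --all -o json` output. The function name, sample data and subscription ID are constructed for illustration.

```python
import json

# Roles the "Apply Permissions" steps assign to the CloudSploit app.
EXPECTED_ROLES = {"Security Reader", "Log Analytics Reader"}

def audit_assignments(assignments, subscription_id):
    """Compare a principal's role assignments with the two expected roles.

    Returns sorted (kind, role, scope) tuples; an empty list means the
    principal holds exactly the expected roles at subscription scope.
    """
    sub_scope = f"/subscriptions/{subscription_id}".lower()
    findings, granted = [], set()
    for item in assignments:
        role = item.get("roleDefinitionName", "")
        scope = item.get("scope", "").rstrip("/").lower() or "/"
        if role not in EXPECTED_ROLES:
            # Anything beyond the two reader roles exceeds what the steps grant.
            findings.append(("unexpected-role", role, scope))
        elif scope == sub_scope:
            granted.add(role)
        elif scope.startswith(sub_scope + "/"):
            # Resource-group or resource scope: the scan sees only part of the subscription.
            findings.append(("narrower-than-subscription", role, scope))
        else:
            # Root, management group, or a different subscription.
            findings.append(("outside-subscription", role, scope))
    for role in EXPECTED_ROLES - granted:
        findings.append(("missing-at-subscription", role, sub_scope))
    return sorted(findings)

# Constructed sample in the shape of `az role assignment list -o json`
# output (only the two fields used here); the subscription ID is a placeholder.
SUBSCRIPTION_ID = "00000000-0000-0000-0000-000000000000"
SAMPLE = json.loads("""
[
  {"roleDefinitionName": "Security Reader",
   "scope": "/subscriptions/00000000-0000-0000-0000-000000000000"},
  {"roleDefinitionName": "Contributor",
   "scope": "/subscriptions/00000000-0000-0000-0000-000000000000"},
  {"roleDefinitionName": "Log Analytics Reader",
   "scope": "/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/logs"}
]
""")

if __name__ == "__main__":
    for kind, role, scope in audit_assignments(SAMPLE, SUBSCRIPTION_ID):
        print(f"{kind}: {role} at {scope}")
```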