Where do I find my Microsoft Azure credentials?

For Azure Cloud Scanning, Holm Cloud scanner requires the following IDs from your Azure account:
  • Azure Application ID
  • Azure Key Value
  • Azure Directory ID
  • Azure Subscription ID

To find these requirements within your Azure environment you will first need to create a new App registration, in order to do that, please fo the following:

  1. Log in to your Azure Account through the Azure portal and navigate to the Azure Active Directory service.
  2. Click on Azure Active Directory > App registrations.

  3. Click on New registration.

  4. Name your App i.e."HolmScanner" and/or a descriptive name in the Name field, take note of it.
  5. Leave the "Supported account types" default: "Accounts in this organizational directory only (YOURDIRECTORYNAME)".

  6. Click on Register.
  7. Now you will see both of the following:
    • Application (client) ID which should be added into the field Azure Application ID
    • Directory (tenant) ID which should be added into the field Azure Directory ID

  8. Click on Certificates & secrets.
  9. Under Client secrets, click on New client secret.

  10. Enter a Description (i.e. HolmScanner-2023) and select Expires "i.e. 1 year".

  11. Click on Add.
  12. Now you will see the Client's value which should be added into the field Azure Key Value.
    • The Client's secret value appears only once. Make sure you store it safely.

Azure Subscription ID

  1. Navigate to Subscriptions.
  2. Click on the relevant Subscription > Overview.
  3. Now you will see the Subscription ID which should be added into the field Azure Subscription IDmceclip0.png

  4. Done.

Adding IAM Permission for Scanning

  1. Navigate to Subscriptions.
  2. Click on "Access Control (IAM)".
  3. Go to the Role assignments tab.
  4. Click on "Add", then "Add role assignment".
  5. In the "Role" drop-down, select "Security Reader".

  6. Leave the "Assign access to" default value.
  7. Click Add Members > In the "Select" drop-down, type the name of the app registration (e.g. "HolmScanner") you created and select it.

  8. Click "Save".
  9. Repeat the process for the role of "Log Analytics Reader"
  10. Done.
Have more questions? Submit a request


Please sign in to leave a comment.