- Knowledge Base
- Cloud Scanning
- Microsoft Azure
-
Security Announcements
-
Product News
-
Next-Gen Vulnerability Management
-
Getting Started
-
General
-
Operating Status
-
System & Network Scanning
-
Web Application Scanning
-
Cloud Scanning
-
Phishing & Awareness Training
-
Scanner Appliance
-
Device Agent
-
OnPrem
-
Asset Management
-
Vulnerability Manager
-
Reports
-
Digest Reports
-
Organizer
-
Continuous Monitoring
-
Integrations
-
Platform API
-
Remediation
-
Users
-
PCI DSS
-
Terms & Conditions
Where do I find my Microsoft Azure credentials?
For Azure Cloud Scanning, Holm Cloud Scanner requires the following IDs from your Azure account:
- Azure Application ID
- Azure Key Value
- Azure Directory ID
- Azure Subscription ID
To find these requirements within your Azure environment, you will first need to create a new App registration; to do that, please do the following:
- Log in to your Azure Account through the Azure portal and navigate to the Azure Active Directory service.
- Click on Azure Active Directory > App registrations.
- Click on New registration.
- Name your App, i.e. "HolmScanner" and/or a descriptive name in the Name field; take note of it.
- Leave the "Supported account types" default: "Accounts in this organizational directory only (YOURDIRECTORYNAME)."
- Click on Register.
- Now you will see both of the following:
- Application (client) ID, which should be added to the field Azure Application ID
- Directory (tenant) ID, which should be added to the field Azure Directory ID
- Click on Certificates & secrets.
- Under Client secrets, click on New client secret.
- Enter a Description i.e. "HolmScanner-2023" and select Expires i.e. "one year"
- Click on Add.
- Now you will see the Client's value which should be added to the field Azure Key Value.
- The Client's secret value appears only once. Make sure you store it safely.
- The Client's secret value appears only once. Make sure you store it safely.
Azure Subscription ID
- Navigate to Subscriptions.
- Click on the relevant Subscription > Overview.
- Now you will see the Subscription ID, which should be added to the field Azure Subscription ID.
- Done.
Adding IAM Permission for Scanning
- Navigate to Subscriptions.
- Click on Access Control (IAM).
- Go to the Role Assignments tab.
- Click Add, then Add role assignment.
- In the Role drop-down, select Security Reader.
- Leave the Assign access to default value.
- Click Add Members > In the Select drop-down, type the name of the app registration e.g. "HolmScanner" you created and select it.
- Click Save.
- Repeat the process for the "Log Analytics Reader" role.
- Done!