Connect your Azure Subscription with PingSafe

This article explains how you can connect your Azure Subscription with PingSafe for detecting security vulnerabilities continuously.

Clients can now onboard their Azure Cloud Subscription on the PingSafe platform and have centralized management fo

1. From the left navigation panel, click on the “Add an Account” button present under the “Cloud Security”.
2. Click on the “Connect” button present under “Microsoft Azure”.
3. Select “Subscription” from the “Onboard” option, fill in the “Account Name”, “Subscription ID”, and “Tenant ID”.
4. Now, Select the Mode:
   
   • Detect Mode: PingSafe has read-only access to the resources in your Azure Cloud account. 
   • Detect & Auto remediate: PingSafe has read/write access to the resources. You will have to enable/disable this feature for each plugin that supports auto-remediation.
5. Download the “Terraform script”.
6. Open the Azure Cloud Shell.
7. Use command "az login" and follow the instructions to login into your Azure Cloud Shell.  
8. Click on the “Upload” button and select the downloaded “Terraform Script”.
9. Execute the below command in the same directory where the terraform file has been uploaded and enter “Yes” when prompted.
   

   terraform init && terraform apply

   

10. After the terraform code is successfully executed, navigate to the “consent_link” received on the Azure Cloud Shell.
11. Under “Configured permissions”, click on “Grant admin consent for Default Directory”.
12. Click on the “Yes” button in “Grant admin consent confirmation”.
13. Copy the “application_id” and “client_secret” from the Azure cloud shell.
14. Paste the copied “application_id” and “client_secret” and click on the “Next” button.
15. Select the Compliance(optional) and then click on the “Finish” button.
16. Note that the Azure Tenant has been successfully onboarded.