This article explains how to connect your Azure Tenant to PingSafe so that it can continuously detect security vulnerabilities.
- From the left navigation panel, click on the “Add an Account” button under “Cloud Security”.
- Click on the “Connect” button under “Microsoft Azure”.
- Select “Tenant” from the “Onboard” option, fill in the “TenantID” and select the “Scan” mode:
  - Detect Mode: PingSafe has read-only access to the resources in your Azure Cloud account.
  - Detect & Auto remediate: PingSafe has read/write access to the resources. You will have to enable/disable this feature for each plugin that supports auto remediation.
- Click on the “Next” button.
- In “Tenant Properties”, change the “Access management for Azure resources” option to “Yes” and then click on the “Save” button.
- Download the “Terraform script”.
- Open the Azure Cloud Shell.
- Use the "az login" command and follow the instructions to log in to your Azure Cloud Shell.
- Click on the “Upload” button and select the downloaded “Terraform Script”.
- Execute the command below in the same directory where the Terraform file has been uploaded and enter “Yes” when prompted:

      terraform init && terraform apply

- After the Terraform code is successfully executed, navigate to the “consent_link” received on the Azure Cloud Shell.
- Under “Configured permissions”, click on “Grant admin consent for Default Directory”.
- Click on the “Yes” button in Grant admin consent confirmation.
- Copy the “application_id” and “client_secret” from the Azure Cloud Shell.
- Paste the copied “application_id” and “client_secret” on PingSafe and click on the “Next” button.
- Select the mode according to your preference and click on the “Next” button.
- Select the Compliance (optional) and click on the “Finish” button.
- Note that the Azure Tenant has been successfully onboarded.
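
Before answering “Yes” to `terraform apply`, you can check which role assignments the downloaded script would create and compare them with the scan mode you selected. The script below is an added example, not PingSafe's code: it assumes the script declares `azurerm_role_assignment` resources and that you exported the plan with `terraform plan -out=tfplan && terraform show -json tfplan > plan.json`. The sample plan and its names are constructed.

```python
import json
import sys

# Built-in Azure roles that can change resources or access assignments.
WRITE_ROLES = {"Owner", "Contributor", "User Access Administrator"}

# Constructed sample in the shape of `terraform show -json` output.
# Resource names and the scope are placeholders, not values from the real script.
SAMPLE_PLAN = {"resource_changes": [
    {"address": "azuread_application.example", "type": "azuread_application",
     "change": {"actions": ["create"], "after": {"display_name": "example"}}},
    {"address": "azurerm_role_assignment.reader", "type": "azurerm_role_assignment",
     "change": {"actions": ["create"], "after": {
         "role_definition_name": "Reader",
         "scope": "/providers/Microsoft.Management/managementGroups/EXAMPLE"}}},
    {"address": "azurerm_role_assignment.writer", "type": "azurerm_role_assignment",
     "change": {"actions": ["create"], "after": {
         "role_definition_name": "Contributor",
         "scope": "/providers/Microsoft.Management/managementGroups/EXAMPLE"}}},
]}

def review(plan, scan_mode="detect"):
    """List role assignments the plan creates; flag write roles in Detect mode."""
    findings = []
    for rc in plan.get("resource_changes", []):
        change = rc.get("change", {})
        if rc.get("type") != "azurerm_role_assignment":
            continue
        if "create" not in change.get("actions", []):
            continue
        after = change.get("after") or {}
        role = after.get("role_definition_name") or "(known after apply)"
        findings.append({
            "address": rc["address"],
            "role": role,
            "scope": after.get("scope") or "(known after apply)",
            "flagged": scan_mode == "detect" and role in WRITE_ROLES,
        })
    return findings

if __name__ == "__main__":
    # Usage: python3 review_plan.py plan.json [detect|remediate]
    plan = SAMPLE_PLAN
    if len(sys.argv) > 1:
        with open(sys.argv[1]) as fh:
            plan = json.load(fh)
    mode = sys.argv[2] if len(sys.argv) > 2 else "detect"
    for f in review(plan, mode):
        mark = "REVIEW" if f["flagged"] else "ok"
        print(f'{mark:6} {f["role"]:28} {f["scope"]}  ({f["address"]})')
```

A “REVIEW” line in Detect mode means the plan grants a write-capable built-in role where read-only access was expected; custom role definitions are not inspected by this check.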