DocumentationAPI ReferenceRelease Notes

Azure Onboarding

Suggest Edits

Panoptica’s frictionless solution quickly scans your cloud resources, including virtual machines, containers, and serverless deployments. Integration is agentless, secure, and easy to set up. Follow the steps below to create a secure "read-only" role, and you'll start seeing the results in minutes

To connect your Microsoft Azure environment to Panoptica, begin by downloading a script to run in your Azure environment. The script retrieves basic information about your Azure account, which you then feed back into Panoptica's platform, and let the scanning begin. Panoptica creates an application in the tenant with a "Reader" role.

📘

Note:

Sufficient privileges to your Azure environment are required in order to execute the script.

To get started, select Settings in the navigation pane, then the Accounts tab.
Choose Microsoft Azure, and follow the on-screen instructions, which are detailed below.

Onboarding Steps

  1. Download the PowerShell script from Panoptica's Azure account page.

📘

IMPORTANT:

If you are running a Popup Blocker, please disable it before clicking Download Script

  1. Log into your Azure portal, and launch Cloud Shell from the top navigation bar.
  1. Upload the Panoptica script to the Cloud Shell, using the PowerShell console.
  2. Run the script in the Azure PowerShell console. Take note of the Application (client) ID and the Directory (tenant) ID, which you'll need in the next couple of steps.
  3. Return to Panoptica's Azure account page and download the ARM template.
  1. Deploy the Bicep ARM Template in the Azure portal using the Enterprise Application object ID you retrieved from the script output.
  2. Enter the Directory (Tenant) ID, and the Application (client) ID you retrieved above into the Panoptica platform, making sure to validate the Bicep deployment).
  1. Under Application Secret, choose how you would like Panoptica to be authenticated in your Azure environment: Federated Identity or Application Secret. If you choose Application Secret, enter it in the space provided.
  1. Finally, decide whether you want Panoptica to scan your Azure resources for CVEs and malware. If you forego the vulnerability and malware scanning, Panoptica will still be able to provide inventory, attack path analysis, root cause analysis, and more.

Before finishing, click Check Credentials to make sure everything is in order.

If it is, the Finish & Start Scan button will become active. Click it to, well, finish and start scanning.

Updated 2 days ago