Azure can be integrated with Authomize so that Authomize can analyze the identity and access information held in Azure. Information such as users, groups and roles is extracted once and updated regularly thereafter.
Note: When Azure is integrated with Authomize, Azure AD and Microsoft Office 365/SharePoint/OneDrive are also integrated.
Azure integration workflow
Integrating Azure with Authomize
- Log into Authomize
- Go to Settings/Data Sources and click Add New App.
- Select Azure or Microsoft Active Directory or Office 365, SharePoint & OneDrive to open the integration dialog.
- In the Integrate Azure dialog:
Step 1. Click Go to Microsoft and log in (again)
Have a look through the permissions needed by Authomize. If you agree, click Accept.
You will see this, if all goes well:
Copy the tenant from the URL (see the appendix for more details).
Alternatively, copy the Tenant ID from the Authomize|Overview page in Microsoft Azure.
Step 2. Paste the Tenant ID from Azure.
Step 3. Click the checkbox to give Authomize a principal Reader role on the root Azure management group. (If not checked, very limited data will be collected.)
Step 4. Click Go to Microsoft Portal to confirm that Authomize is set up in a Reader role.
For step-by-step instructions, see Appendix B: Setting up a reader role.
Step 5. Skip this step unless you want Authomize to automatically remove old, unused shared files.
Step 6. Enter an integration name.
Step 7. Enter a contact email.
Click Create.
- Wait for the integration to finish.
When Azure (or one of the other two connectors) is integrated, you will see two other entries in the Connected Apps list.
What data is collected
Azure
Microsoft Active Directory
Office 365
SharePoint
OneDrive
Appendix A: Getting the Tenant ID from Azure
- Log into portal.azure.com as an admin.
- Click Azure Active Directory.
- On the Authomize|Overview page, copy the Tenant ID.
Appendix B: Setting up a reader role
- Log into Azure.
- Search for Management groups and click it when found.
- In Management groups click Tenant Root Group.
- In the Tenant Root Group, click Access Control (IAM) in the menu, then click to open the Role assignments.
- In the Tenant Root Group|Access control|Role assignments, click + to add a new role assignment.
- In the Add role assignment dialog | Role page, click Reader.
- In the Add role assignment dialog | Members page, click the Next button.
- In the Add role assignment dialog, click + Select members.
- Select Authomize from the Select member list.
- In the Add role assignment dialog | Review + assign page, click the Review + assign button if you see your new Member Role in the Members field.
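The confirmation in Step 4 can also be done outside the portal. The following is an added example, not Authomize or Microsoft code: it checks role-assignment records, in the JSON shape that `az role assignment list --output json` returns, for one principal, confirms Reader on the Tenant Root Group and lists any other assignment for review. The function names, the sample GUIDs and the use of the principal's object ID as the lookup key are assumptions made for the example.

```python
import json

def root_group_scope(tenant_id):
    # Assumption: the Tenant Root Group keeps its default ID, which is the tenant ID.
    return "/providers/Microsoft.Management/managementGroups/" + tenant_id

def audit_principal(assignments, tenant_id, principal_id):
    """Return (has_reader_at_root, other_assignments) for one principal."""
    root = root_group_scope(tenant_id).lower()
    has_reader_at_root = False
    others = []
    for item in assignments:
        if item.get("principalId", "").lower() != principal_id.lower():
            continue  # assignment belongs to a different principal
        role = item.get("roleDefinitionName", "")
        scope = item.get("scope", "")
        # Azure resource IDs are case-insensitive, so compare scopes lowercased.
        if role == "Reader" and scope.lower() == root:
            has_reader_at_root = True
        else:
            others.append((role, scope))
    return has_reader_at_root, others

# Constructed sample data: placeholder GUIDs, not values from a real tenant.
SAMPLE_TENANT = "00000000-0000-0000-0000-000000000000"
SAMPLE_PRINCIPAL = "22222222-2222-2222-2222-222222222222"  # hypothetical object ID
SAMPLE_JSON = """
[
  {"principalId": "22222222-2222-2222-2222-222222222222",
   "roleDefinitionName": "Reader",
   "scope": "/providers/Microsoft.Management/managementGroups/00000000-0000-0000-0000-000000000000"},
  {"principalId": "22222222-2222-2222-2222-222222222222",
   "roleDefinitionName": "Contributor",
   "scope": "/subscriptions/11111111-1111-1111-1111-111111111111"},
  {"principalId": "33333333-3333-3333-3333-333333333333",
   "roleDefinitionName": "Owner",
   "scope": "/subscriptions/11111111-1111-1111-1111-111111111111"}
]
"""

if __name__ == "__main__":
    ok, others = audit_principal(json.loads(SAMPLE_JSON), SAMPLE_TENANT, SAMPLE_PRINCIPAL)
    print("Reader on Tenant Root Group:", "present" if ok else "MISSING")
    for role, scope in others:
        print("Review additional assignment:", role, "at", scope)
```

Matching on the object ID rather than the display name avoids depending on how the CLI renders a service principal's name.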