Preparing an Azure environment for use by the Valtix Controller assumes that you already have a Subscription and that it is associated with an Azure Active Directory tenant.
Overview of steps
- Register an application with Azure Active Directory
- Create a custom role under Access Control (IAM) for the Subscription
- Assign the role to the application
- Optionally create a User Assigned Managed Identity for access to Key Vault and Blob Storage
- Accept Marketplace Terms
The above steps are scripted in a PowerShell script, available at the URL used in the download command below. To run the script:
- Open Azure Cloud Shell (PowerShell) in the subscription you wish to register as an account in Valtix
- Download the PowerShell script and run it:
    wget https://raw.githubusercontent.com/valtix-security/gists/main/valtix_azure_roles/valtix-controller-role.ps1
    ./valtix-controller-role.ps1
The script's output contains all the parameters needed to register a new cloud account in the Valtix Controller.
To perform these steps manually, or if you cannot run the scripted setup described above, follow the steps on the following pages.