Preparing an Azure environment for use by Valtix Controller assumes that you already have a Subscription and it is associated to an Azure Active Directory.
Overview of steps
- Register an application with Azure Active Directory
- Create a custom role under Access Control (IAM) for the Subscription
- Assign the role to the application
- Optionally create a User Assigned Managed Identity for access to KeyVault and Blob Storage
- Accept Marketplace Terms
The above steps are scripted in bash and can be found here. To run the script simply:
- Open Azure Cloud Shell (Bash) in the subscription you wish to register as account in Valtix
- Download the bash script and run the script.
wget https://raw.githubusercontent.com/valtix-security/cli-azure-setup/master/azure-setup.sh ./azure-setup.sh
The output from the script are all the parameters needed to register a new cloud account in Valtix controller.
To perform these steps manually or if you cannot run the scripted setup mentioned above, follow the steps in the next pages.