
Microsoft Azure Securlet activation


Article ID: 237666


Products

CASB Security Advanced, CASB Security Advanced IAAS, CASB Security Premium, CASB Security Premium IAAS, CASB Security Standard, CASB Securlet IAAS, CASB Securlet SAAS, CASB Securlet SAAS With DLP-CDS

Issue/Introduction

Directions for activating the Microsoft Azure Securlet while the documentation is being updated.

Resolution

Prerequisites  

  1. Azure Account

    Have admin access to the Azure account

  2. CloudSoc API Key

    Create an API key and note down the Key ID, Key Secret and Tenant. For more information, refer to Creating an API key.

Configuring the Azure Securlet 

  1. To activate an Azure Securlet, log in to the CASB tenant, go to Store | Microsoft Azure and click Configure.
      
    This will take you to the "Microsoft Azure Configuration" window

  2. Enter the Connection Name.  


  3. By default, all storage accounts are scanned. If you want to limit the scanning to specific storage accounts, enable Data Scanning.

  4. Once Data Scanning is enabled, you have the option to define a data scanning scope as well as exceptions to that scope.



    Selective Scanning only scans storage accounts that match the configuration.

  5. Save the connection.
  6. Download the Azure PowerShell script and refer to the steps below on how to run the PS script in the Azure account.
    Note: The connection is shown under connections in draft state until an administrator runs the PS script in Azure successfully.
  7. Once the PS script is deployed in the Azure account, the accounts/subscriptions from Azure are onboarded and the Current Connections Details are visible under Azure Connection.

Run PS Script in Azure Account  

  1. Open the PS script and update the CloudSoc keys at line 11:
    $cloudsoc_public_key = "<key_id>"
    $cloudsoc_secret_key = "<key_secret>"
    $cloudsoc_tenant_id = "<tenant>"
  2. Log in to the Azure account.
  3. Open Cloud Shell.
  4. Upload the PS script to the Cloud Shell.
  5. Run the script and follow the steps. It will prompt you to select a specific subscription or all subscriptions.
  6. The script is fully automated except for one manual step to provide user- and directory-level permissions; the details are available in the script itself.

PS Script generated resources

The script generates the following resources:

  1. A CloudSoc app under Azure Active Directory.
  2. An Event Grid subscription (Azure subscription) for the selected subscription, filtered to the event types Resource Write success, Resource Delete success and Resource Action success.
  3. Event subscriptions for all the storage accounts under the selected subscription.
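
A read-only check that can be run in the same Cloud Shell (PowerShell) session after the script finishes, to review the resources listed above and the roles the new app holds. This is an added example, not part of the vendor's script; the `CloudSoc` display-name prefix and the helper name `Get-EventSubscription` are assumptions, and the three event type strings are the standard Event Grid names for the event types listed above.

```powershell
# Added example: read-only audit of what the onboarding script created.
# ASSUMPTION: the app registration's display name starts with "CloudSoc".
$AppNamePrefix = 'CloudSoc'

# Standard Event Grid names for the three event types the article lists.
$ExpectedTypes = @(
    'Microsoft.Resources.ResourceWriteSuccess',
    'Microsoft.Resources.ResourceDeleteSuccess',
    'Microsoft.Resources.ResourceActionSuccess'
)

# Hypothetical helper: lists every event subscription on one source resource.
function Get-EventSubscription {
    param([Parameter(Mandatory)][string]$SourceResourceId)
    # Azure CLI is preinstalled in Cloud Shell.
    $json = az eventgrid event-subscription list --source-resource-id $SourceResourceId -o json
    if ($LASTEXITCODE -ne 0 -or -not $json) { return @() }
    return @(($json -join "`n") | ConvertFrom-Json)
}

$subId = (Get-AzContext).Subscription.Id

# 1. App registration and the roles its service principal holds (least-privilege review).
foreach ($app in Get-AzADApplication -DisplayNameStartWith $AppNamePrefix) {
    $sp = Get-AzADServicePrincipal -ApplicationId $app.AppId
    "App: $($app.DisplayName)  AppId: $($app.AppId)"
    Get-AzRoleAssignment -ObjectId $sp.Id |
        Select-Object RoleDefinitionName, Scope | Format-Table -AutoSize
}

# 2. Subscription-level event subscriptions, compared with the expected filter.
foreach ($es in Get-EventSubscription "/subscriptions/$subId") {
    $types = @($es.filter.includedEventTypes)
    [pscustomobject]@{
        Name       = $es.name
        Endpoint   = $es.destination.endpointType
        Missing    = ($ExpectedTypes | Where-Object { $_ -notin $types }) -join ','
        Unexpected = ($types | Where-Object { $_ -notin $ExpectedTypes }) -join ','
    }
}

# 3. Storage accounts in the current subscription and how many event
#    subscriptions each has; a count of 0 means no events are forwarded.
Get-AzStorageAccount | ForEach-Object {
    [pscustomobject]@{
        StorageAccount     = $_.StorageAccountName
        EventSubscriptions = @(Get-EventSubscription $_.Id).Count
    }
} | Sort-Object EventSubscriptions
```

The listing shows every event subscription on each source, not only those the onboarding script created, so compare the names and endpoints against what the script reports.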
