Azure
Ernich asset context with asset information from Azure
This context integration adds asset information retrieved from Azure as context labels in Netography Fusion.
Cloud Context Enrichment: Add a Context Integration vs. Deploying Cloud Function
AWS, Azure, and GCP have 2 options for how to enrich asset context.
Option 1: Add a context integration in Fusion Portal
You give permission in your cloud account(s) for Netography to read asset meta-data from it, and then add a context integration for that cloud account in Fusion to retrieve that information. After configuring permissions in your cloud, the configuration and data gathering occurs from the Netography Fusion SaaS to your cloud accounts. You will need to add and configure 1 context integration in Fusion per AWS account, Azure subscription, or GCP project.
Option 2: Deploy a cloud function with Netography's Cloud onboarding automation via Terraform
You deploy the Netography cloud onboarding automation using Terraform, which configures all the permissions required and creates a cloud function that runs within your cloud on a scheduled basis. That function gathers all the asset meta-data locally within your cloud, and then uploads the data via the Netography Fusion API. Netography never has any permission to directly access and read the asset meta-data in your cloud in this option. You can deploy this automation one time for each AWS organization, Azure tenant, or GCP organization, making it a more easily scalable solution for larger environments. For more details on this option, access Netography's Terraform automation at our GitHub repo: https://github.com/netography/neto-onboarding. For access to the repo, email your GitHub ID to [email protected].
Azure Configuration
1. Enter App registrations in the search box at the top of the portal
2. Click New registration
3. Give this new application a descriptive name
4. Leave Supported account type set as default
5. Click Register
6. Copy and save the Application Client ID and the Directory Tenant ID, you'll need this later for integration with Netography Fusion.
7. Click Add a certificate or secret
8. Click New client secret
9. Add a description and select an expiration consistent with the policies of your organization
10. Click Add
11. Copy and save the Client Secret Value, you'll need this later for integration with Netography Fusion.
12. Go to Subscriptions and select your working subscription
13. Select Access control (IAM) from the sidebar
14. Click the Role assignments tab
15. Click Add then Add role assignment from the dropdown
16. Search for Virtual Machine User Login and select it from the returned results
17. Click Next
18. Click Select members
19. Search for the application name you created earlier in step 3 and select it
20. Click the Select button
21. Click Review + assign
Netography Fusion Configuration
1. Navigate to Settings -> Context Integrations -> Add Integration
2. Select Microsoft Azure
3. Fill out the Azure Context Integration form:
Name: Use any name here.
Update Interval: Leave as default.
Auto Update: Leave enabled.
Subscription ID: The Subscription ID you used to complete the previous instructions in this document.
Tenant ID: Your Azure Tenant ID.
Tag/Label Matches: Leave as default unless you know how to use this feature.
Application Client ID: Paste in the "Applicant (client) ID" you copied from a previous step in this document.
Client Secret Value: Paste in the Client Secret Value you copied from a previous step in this document.
4. Click Create and Run
Updated about 1 month ago