Tenable Cloud Security Quick Reference Guide: Onboarding Microsoft Azure Accounts

This Quick Reference Guide provides the sequence of tasks required to onboard Microsoft Azure cloud accounts to Tenable Cloud Security and to perform a cloud scan. Tenable Cloud Security assesses your cloud infrastructure at runtime and identifies security and compliance violations.

Before you begin:

You must have the following:

  • Credentials for your Tenable Vulnerability Management user account.

  • An Azure subscription with sufficient permissions to register an application and assign a role with your Azure Active Directory (AD) tenant.


To establish the connection between Tenable Cloud Security and Azure cloud, Tenable Cloud Security requires an Azure service principal in the Azure subscription with read permissions to access the resources in the subscription. For creating a service principal, register an application through the Azure portal and then assign the Reader role to the application. To onboard the Azure service principal in Tenable Cloud Security, provide the tenant ID, application ID, and secret key value of your application for authenticating with Azure.

After connecting your cloud accounts, configure your cloud resources and then scan these cloud resources for any violations.


The following workflow provides the high-level tasks for onboarding Azure accounts.

Tip: Click a box to view the relevant task.


For a demonstration on onboarding Azure accounts, see the following video:

Other Resources