Create a Microsoft Azure Connector

Required User Role: Administrator

Before you begin:

• Complete the required Microsoft Azure configuration steps.
• Update your plugin set to 2018-12-19 or later.

To create a Microsoft Azure connector:

1. In the upper-left corner, click the button.

   The left navigation plane appears.

2. In the left navigation plane, click Settings.

   The Settings page appears.

3. Click the Cloud Connectors tile.

   The Cloud Connectors page appears and displays the configured connectors table.

4. In the upper-right corner of the page, click the Create Connector button.

   The Select a Connector plane appears.

5. In the Connecters section, click Microsoft Azure.

   The Microsoft Azure settings plane appears.

6. In the Connector Name box, type a name to identify the connector.
7. In the Application ID box, type the Azure application ID that you obtained when configuring Microsoft Azure.
8. In the Tenant ID box, type the Azure Tenant ID obtained when configuring Microsoft Azure.
9. In the Client Secret box, type the client secret obtained when configuring Microsoft Azure.
10. Use the Auto Discovery toggle to enable or disable automatic discovery of Azure subscription ID(s).
    Note: Auto discovery is enabled by default. The Azure connector automatically discovers your subscription ID and any linked subscription ID(s).

11. (Optional) If Auto Discovery is disabled, manually add one or more subscription IDs:

    1. In the Subscription IDs section, click the button next to Subscription IDs.

       The Add Subscription IDs plane appears.

    2. In the Subscription ID box, type the subscription ID obtained when configuring Microsoft Azure.

    3. (Optional) Click the button next to Add Another Subscription ID to add additional linked Azure accounts.

    4. In the Subscription ID box, type the subscription ID for the Azure account that you want to link. For information about configuring linked subscriptions, see Link Azure Subscription.

    5. To add the Subscription ID(s), click Add.

       Tenable.io displays the Microsoft Azure settings plane, and the Subscription ID(s) you linked are listed under Subscription IDs.

12. In the Select or Create Network drop-down box, select an existing network for your connector or click the button to create a new network.
    Note: Networks help to avoid IP address collisions between cloud assets and Nessus-discovered assets. Tenable recommends creating a network for each connector type in use to prevent asset records in different cloud environments from overwriting each other. For more information about the network feature, see Networks.

13. Use the Schedule Import toggle to enable or disable scheduled imports.
    Note: By default, Tenable.io requests new and updated asset records every 1 day.

    When enabled:

    • In the Import text box, type the frequency with which Tenable.io sends data requests to the Azure server.
    • In the drop-down box select Minutes, Hours, or Days.
14. Do one of the following:
    • To save the connector, click Save.
    • To save the connector and import your assets from Azure, click Save & Import.
    Note: There may be a short delay before your assets appear in Tenable.io.