Scan Requirements

To run a scan that audits Azure, you must set up your Azure environment and configure a scan in Tenable Vulnerability Management or Tenable Nessus using the appropriate credentials.

Azure Environment

Configure the Azure environment as described in Configure Microsoft Azure for Auditing in the Tenable for Microsoft Azure Guide

Scan Configuration

Configure a scan in Tenable Vulnerability Management, as described in Audit Microsoft Azure in Tenable Vulnerability Management in the Tenable for Microsoft Azure Guide.

Configure a scan in Tenable Nessus, as described in Audit Microsoft Azure in Nessus in the Tenable for Microsoft Azure Guide.

The plugin requires one of two supported Microsoft Azure credential sets.

Key:

Option Description Required
Tenant ID The Tenant ID or Directory ID for your Azure environment. Yes
Application ID The application ID (also known as client ID) for your registered application. Yes
Client Secret The secret key for your registered application. Yes
Subscription IDs

List of subscription IDs to scan, separated by a comma. If this field is blank, all subscriptions are audited.

No

Password:

Option Description Required
Username The username required to log in to Microsoft Azure. Yes
Password The password associated with the username. Yes
Client ID The application ID (also known as client ID) for your registered application. Yes
Subscription IDs

List of subscription IDs to scan, separated by a comma. If this field is blank, all subscriptions are audited.

No