Azure Runbook Information

Frictionless Assessment is now End of Provisioning (starting May 15, 2023), and new users will not be able to deploy Frictionless Assessment connectors. Frictionless Assessment will reach End-of-Support on December 31, 2023, and will no longer receive support or updates. However, existing Frictionless Assessment connectors will continue to function until the feature is End-of-Life on December 31, 2024. Tenable recommends that you transition to Tenable Cloud Security with Agentless Assessment for scanning your cloud resources. For more information, see the Tenable Vulnerability Management Release Notes.

The following is not supported in Tenable FedRAMP Moderate environments. For more information, see the Tenable FedRAMP Moderate Product Offering.

Frictionless Assessment uses a custom automation runbook and collects the following data from VMs and VM scale sets in your selected resource groups.

Some intermediary resources show up after the first few minutes of deploying an arm template. These resources are deployment scripts that Tenable Vulnerability Management uses to deploy the following resources. Tenable Vulnerability Management removes the scripts once the deployments are complete.

  • Resource group:

    • Name: Starts with Tenable-FA-Connector

    • Contains Azure Frictionless Assessment resources.

  • Automation Account:

    • Name: Starts with Tenable-FA-Automation-Account

  • Runbooks:

    • Name: TenableFATerminatedInstances

    • Description: Tenable Frictionless Assessment runbook for terminated instances.

    • Name: TenableFACollector

    • Description: The Tenable Frictionless Assessment collection runbook.

  • Storage Account:

    • Name: Starts with scripts.

    • Description: Contains shell/powershell scripted checks to run against assets.

  • Role Definitions:

    • Name: Starts with Tenable FA Role or Tenable-FA-Custom-Role-Def.

    • Description: The role required for runbook to allow it to scan assets.

    • Actions:

      • "Microsoft.ClassicCompute/operatingSystems/read",
        "Microsoft.ClassicCompute/operatingSystemFamilies/read",
        "Microsoft.ClassicCompute/virtualMachines/read",
        "Microsoft.Compute/virtualMachines/read",
        "Microsoft.Compute/virtualMachineScaleSets/read",
        "Microsoft.Compute/virtualMachines/runCommand/action",
        "Microsoft.Compute/virtualMachineScaleSets/virtualMachines/read",
        "Microsoft.Compute/virtualMachineScaleSets/virtualMachines/runCommand/action"