Configure Azure connectors for scanning Microsoft Azure resources for security issues using the Qualys Cloud Platform. Our Azure connector scans and detects virtual machines created using Resource Manager only.
Before you create an Azure connector, ensure that you assign Azure Active Directory permissions to register an application with your Azure Active Directory and check Azure Subscription permissions to assign the application to a role in your Azure subscription.
Navigate to Azure Active Directory > User Settings and then ensure that the App registrations are allowed for your Azure subscription.
If your Azure subscriptions has the app registrations setting set to No, you need to check whether your account is an admin or user for the Azure AD account.
To check if your account is an admin, go to Overview and look at your user information.
If your account is assigned to the User role, but the app registration setting is restricted to admin users, you will not be permitted to register new apps. In such case, ask your administrator to either assign you to the global administrator role, or to enable users to register apps.
In your azure subscription, your account must have Owner access role to assign an AD app to a reader role. If your account is assigned to the Contributor role, you do not have adequate permission and will receive an error when attempting to assign the service principal to a role.
To know the role assigned to you, select your account and select My permissions. From the Subscription drop-down list, select the subscription for which you would want to check permissions and then click the "Click here to view complete access details for this subscription" link.
Choose AssetView (AV) from the app picker. Then go to Connectors > Azure, and click Create Azure Connector. Our wizard will walk you through the steps. Please refer to the help in the Create Azure Connector wizard for help with connector and authentication details. See the "Support for Azure Connectors" topic in the Asset View help for more information on creating Azure connector.
Tip - We recommend you create at least one generic asset tag (for example, "Azure") and have the connector automatically apply that tag to all imported assets. You can add more tags to your Azure assets based upon discovered Azure metadata.