Azure Virtual Machines
Integrate Azure Virtual Machines to retrieve the complete inventory of your Azure VMs
The Azure Virtual Machines connector allows you to retrieve the complete inventory of your virtual machines deployed on Microsoft Azure and their associated configuration directly into OverSOC.
Objective
The Azure Virtual Machines connector retrieves the following information:
- Inventory of Azure virtual machines
- Associated tags and resource groups
- Status and configuration of VMs (size, operating system, power state)
Prerequisites
- An Azure account with access to virtual machines
- Admin permissions or read access to virtualization resources
- Application registered in Azure AD for API authentication
Information to Provide in OverSOC
| Field | Description |
|---|---|
| Application (Client) ID | Unique identifier of the application registered in Azure AD |
| Client Secret | Secret key generated for application authentication |
| Tenant ID | Identifier of the Azure tenant (directory) |
Procedure
Register an Application in Entra ID
- Access Microsoft Entra Admin Center:
  - Log in to the Entra Admin Center with a Global Administrator account.
- Create a New Application:
  - Go to Entra ID > App registrations > New registration.
  - Enter a name (e.g., "OverSOC Azure VM Connector").
  - Select Accounts in this organizational directory only.
  - Click Register.
- Create a Client Secret:
  - Go to Certificates & secrets > New client secret.
  - Add a description and set an expiration period.
  - Click Add.
  - Copy the secret value immediately (displayed only once).
Retrieve Credentials
- Get Tenant ID and Client ID:
  - On the Overview tab, copy the Directory (tenant) ID.
  - On the Overview tab, copy the Application (client) ID.
Assign Reader Role at Subscription Scope
- Navigate to Subscriptions:
  - In the Azure Portal, go to Subscriptions.
- Add Role Assignment:
  - Select your subscription and go to Access control (IAM).
  - Click Add role assignment.
  - Select Reader role.
  - In the Members tab, select User, group, or service principal.
  - Search for and select the registered application by name.
  - Click Review + assign.
Required Permissions
The service principal must have the Reader role assigned at the subscription scope to retrieve VM inventory and configuration information.
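One way to check that the registered application ended up with exactly this permission and nothing broader, as an added example (not OverSOC's or Microsoft's code): the script audits JSON in the shape printed by `az role assignment list --assignee <client-id> --all`. The sample assignments, the subscription ID and the `audit_connector_roles` helper are constructed for illustration.

```python
import json

# Constructed sample in the shape printed by
# `az role assignment list --assignee <client-id> --all`; IDs are placeholders.
SUBSCRIPTION_ID = "00000000-0000-0000-0000-000000000001"
SAMPLE_ASSIGNMENTS = json.loads("""
[
  {"principalType": "ServicePrincipal", "roleDefinitionName": "Reader",
   "scope": "/subscriptions/00000000-0000-0000-0000-000000000001"},
  {"principalType": "ServicePrincipal", "roleDefinitionName": "Contributor",
   "scope": "/subscriptions/00000000-0000-0000-0000-000000000001/resourceGroups/rg-prod"},
  {"principalType": "ServicePrincipal", "roleDefinitionName": "Reader",
   "scope": "/providers/Microsoft.Management/managementGroups/mg-root"}
]
""")


def audit_connector_roles(assignments, subscription_id):
    """Hypothetical helper: compare a service principal's role assignments
    with the one the connector needs (Reader on the subscription itself)."""
    wanted = f"/subscriptions/{subscription_id}".lower()
    report = {"reader_at_subscription": False, "excess_roles": [], "other_reader_scopes": []}
    for entry in assignments:
        role = entry.get("roleDefinitionName", "")
        scope = entry.get("scope", "")
        if role != "Reader":
            # Anything other than Reader is more than the connector requires.
            report["excess_roles"].append((role, scope))
        elif scope.rstrip("/").lower() == wanted:
            report["reader_at_subscription"] = True
        else:
            # Reader granted elsewhere, e.g. a management group (wider reach).
            report["other_reader_scopes"].append(scope)
    return report


if __name__ == "__main__":
    result = audit_connector_roles(SAMPLE_ASSIGNMENTS, SUBSCRIPTION_ID)
    print(json.dumps(result, indent=2))
```

A clean result has `reader_at_subscription` set to true and both lists empty; any entry in `excess_roles` is a grant to remove before handing the client secret to the connector.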
Official Documentation
For more details, see: What is Azure role-based access control (Azure RBAC)?