Below we'll walk through the steps needed to connect an additional Azure Subscription to Vanta.
This guide assumes that you've already connected at least one Azure subscription and that it is correctly integrated and syncing resources.
Prerequisites:
- Azure Subscription connected to Vanta
- Azure Subscription not yet connected to Vanta
Procedure:
- Navigate to the Integrations page, locate your existing Azure connection, then select 'Manage -> Edit'.
- Click on 'Add Subscription' to start connecting your additional Azure Subscription.
- Once in the 'Connect Azure' screen, click Next -> to view the 'Register Application' form.
- Click on 'App Registration' to navigate to the Azure Portal and begin creating your additional Vanta app.
- Select + New Registration in the top right
- You may see your other subscription's Vanta app in this list, since each Azure Subscription requires its own Vanta app to connect. We won't be altering any other app's configuration.
- Name your app whatever you like (preferably something that distinguishes it from the others).
- Use the default options already selected, and click 'Register'.
- You will be redirected to the Application overview page. Copy your Application ID and Directory ID, then navigate back to the connection steps in Vanta.
- Paste the IDs in their appropriate places, then select Next ->
- In the Azure Portal, select 'Certificates & Secrets' and create your new secret token.
- Note: This is the only time you can copy your secret's Value, so do so before leaving the page.
- Paste it in the appropriate box in the Vanta connection steps, then click Next ->
- In Azure, navigate to 'API Permissions' -> select 'Add Permission' -> Microsoft Graph
- Select 'Application Permissions' -> search for 'Directory' -> select 'Directory.Read.All', then Add Permissions
- Make sure you 'Grant Admin Consent' for these permissions before continuing.
- Once 'Admin Consent' is granted, navigate back to Vanta and go to the Next -> step
- In Azure, search for "Subscriptions" and navigate to it.
- Locate your second subscription (the subscription not connected yet) and copy the ID.
- Paste your Subscription ID in the appropriate box and click Next ->
- In Azure, click on your subscription -> then in the sidebar click Access Control (IAM) -> + Add -> Add Role Assignment
- Search for "Reader" -> click the Reader role -> then Next
- Click 'Select Members' -> search for the app we just created and select it.
- Click 'Review + assign' and confirm your subscription is the correct one.
- If everything looks good, click 'Review + assign' once more to assign the role.
- Back in Vanta, click Next ->
- If authenticated correctly, Vanta will begin to fetch your subscription's resources.
- You can choose to wait or just click Done -> to return to the Integrations page.
Repeat this process for any other unconnected Subscriptions you'd like to connect to Vanta!
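A check you can run after the role-assignment step, added here as an example and not part of Vanta's guide: it audits the JSON from `az role assignment list --all --assignee <application-id> -o json` and flags anything other than Reader inside the intended subscription. The subscription IDs, resource group name and sample records are constructed placeholders, and `audit_assignments` is a hypothetical helper name.

```python
import json

# Constructed sample, shaped like the JSON printed by
# `az role assignment list --all --assignee <application-id> -o json`.
# The subscription IDs and names are placeholders, not real values.
TARGET_SUB = "00000000-0000-0000-0000-000000000002"
SAMPLE = json.loads("""
[
  {"principalType": "ServicePrincipal", "roleDefinitionName": "Reader",
   "scope": "/subscriptions/00000000-0000-0000-0000-000000000002"},
  {"principalType": "ServicePrincipal", "roleDefinitionName": "Contributor",
   "scope": "/subscriptions/00000000-0000-0000-0000-000000000002/resourceGroups/rg-demo"},
  {"principalType": "ServicePrincipal", "roleDefinitionName": "Reader",
   "scope": "/subscriptions/00000000-0000-0000-0000-000000000001"}
]
""")


def audit_assignments(assignments, subscription_id, expected_role="Reader"):
    """Return findings; an empty list means the app holds only
    `expected_role`, and only inside the intended subscription."""
    target = f"/subscriptions/{subscription_id}".lower()
    findings, has_expected = [], False
    for item in assignments:
        role = item.get("roleDefinitionName", "")
        # Compare scopes case-insensitively; "/" is the tenant root scope.
        scope = item.get("scope", "").lower().rstrip("/") or "/"
        inside = scope == target or scope.startswith(target + "/")
        if role != expected_role:
            findings.append(f"unexpected role {role!r} at {scope}")
        elif not inside:
            findings.append(f"{role} granted outside target subscription: {scope}")
        elif scope == target:
            has_expected = True
    if not has_expected:
        findings.append(f"missing {expected_role} at {target}")
    return findings


if __name__ == "__main__":
    for finding in audit_assignments(SAMPLE, TARGET_SUB):
        print("FINDING:", finding)
```

Because each subscription gets its own Vanta app, a clean result for a given app is a single Reader assignment scoped to that one subscription.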