- Go to the Connections page and select Connect.
- Click Add next to Azure.
- Complete the prompt and click App Registration to navigate to Azure Active Directory.
- In Azure, search for and select App registrations.
- Select New registration.
- Name the new application Vanta and click Register at the bottom of the page.
- Next, create the client secret.
- In Azure, navigate to Certificates & secrets. Add a client secret with the description Vanta and select Never for the expiration.
- Click Add.
- Next, in Azure navigate to API Permissions.
- Select Azure Active Directory Graph.
- Select Application Permissions.
- Check the Directory.Read.All permission.
- Click Add permissions.
- Click Grant admin consent, and click Yes when prompted to grant requested permissions.
- In Azure, navigate to Subscriptions.
- Copy the subscription ID and enter it into the field in the prompt in Vanta, then click Next.
- Create the role assignment. Follow the prompt.
- In Azure, create a read-only role and assign the Vanta app to it. Navigate to Access control (IAM) in your subscription and click Add to add a role assignment.
- Add a role assignment with Role set to Reader and Assign access to set to Azure AD user, group, or service principal.
- Select Vanta and click Save.
- Select Store credentials on the prompt in Vanta. If the connection is complete, a successful connection notification will display. If there are errors, an error message will display. Please note, it may take a few moments for the changes to register after selecting Store credentials. You may need to try this more than once if you receive an error message initially.
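Once the connection is stored, the result of the procedure above can be checked from saved Azure CLI output. The following is an added example, not part of the original instructions or Vanta's tooling: it confirms the Vanta app holds only Reader at the subscription scope and lists secrets with a far-off expiry so they can be tracked. The subscription ID, the sample JSON and the 730-day threshold are constructed assumptions.

```python
import json
from datetime import datetime, timedelta, timezone

SUBSCRIPTION_ID = "00000000-0000-0000-0000-000000000000"  # placeholder, not a real ID

# Constructed sample shaped like `az role assignment list --assignee <app-id> --all -o json`
ASSIGNMENTS = json.loads("""[
  {"principalType": "ServicePrincipal", "roleDefinitionName": "Reader",
   "scope": "/subscriptions/00000000-0000-0000-0000-000000000000"},
  {"principalType": "ServicePrincipal", "roleDefinitionName": "Contributor",
   "scope": "/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/rg-demo"}
]""")

# Constructed sample shaped like `az ad app credential list --id <app-id> -o json`
SECRETS = json.loads('[{"displayName": "Vanta", "endDateTime": "2299-12-31T00:00:00Z"}]')

def audit_role_assignments(assignments, subscription_id, allowed_role="Reader"):
    """Return findings; an empty list means only Reader at the subscription scope."""
    expected = f"/subscriptions/{subscription_id}".lower()
    findings, reader_ok = [], False
    for a in assignments:
        role, scope = a["roleDefinitionName"], a["scope"].rstrip("/").lower()
        if role != allowed_role:
            findings.append(f"extra role {role} at {a['scope']}")
        elif scope == expected:
            reader_ok = True
        else:
            findings.append(f"{allowed_role} at unexpected scope {a['scope']}")
    if not reader_ok:
        findings.append(f"{allowed_role} missing at subscription scope")
    return findings

def long_lived_secrets(secrets, now, max_days=730):
    """Return (description, expiry date) for secrets expiring later than max_days from now."""
    limit = now + timedelta(days=max_days)  # max_days is an assumed inventory threshold
    flagged = []
    for s in secrets:
        end = datetime.fromisoformat(s["endDateTime"].replace("Z", "+00:00"))
        if end > limit:
            flagged.append((s.get("displayName"), end.date().isoformat()))
    return flagged

if __name__ == "__main__":
    for finding in audit_role_assignments(ASSIGNMENTS, SUBSCRIPTION_ID):
        print("ROLE:", finding)
    for name, end in long_lived_secrets(SECRETS, datetime.now(timezone.utc)):
        print("SECRET:", name, "expires", end)
```

To run it against a real tenant, replace the two constructed samples with the JSON saved from the corresponding `az` commands.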