mirror of
https://github.com/prowler-cloud/prowler.git
synced 2026-07-13 07:31:51 +00:00
9ca1899ebf
Co-authored-by: Daniel Barranquero <danielbo2001@gmail.com> Co-authored-by: Andoni Alonso <14891798+andoniaf@users.noreply.github.com>
29 lines
1.1 KiB
Markdown
29 lines
1.1 KiB
Markdown
# Azure Authentication in Prowler
|
|
|
|
By default, Prowler utilizes the Azure Python SDK identity package for authentication, leveraging the classes `DefaultAzureCredential` and `InteractiveBrowserCredential`. This enables authentication against Azure using the following approaches:
|
|
|
|
- Service principal authentication via environment variables (Enterprise Application)
|
|
- Currently stored AZ CLI credentials
|
|
- Interactive browser authentication
|
|
- Managed identity authentication
|
|
|
|
Before launching the tool, specify the desired method using the following flags:
|
|
|
|
```console
|
|
# Service principal authentication:
|
|
prowler azure --sp-env-auth
|
|
|
|
# AZ CLI authentication
|
|
prowler azure --az-cli-auth
|
|
|
|
# Browser authentication
|
|
prowler azure --browser-auth --tenant-id "XXXXXXXX"
|
|
|
|
# Managed identity authentication
|
|
prowler azure --managed-identity-auth
|
|
```
|
|
|
|
## Permission Configuration
|
|
|
|
To ensure Prowler can access the required resources within your Azure account, proper permissions must be configured. Refer to the [Requirements](../../getting-started/requirements.md) section for details on setting up necessary privileges.
|