ben.carrasco/prowler
1
0
Fork 0
mirror of https://github.com/prowler-cloud/prowler.git synced 2026-05-06 08:47:18 +00:00
Code Issues Packages Projects Releases Wiki Activity
Files
d23c2f3b5317ca8aa1bb3031093b7ba85941f172
prowler/docs/user-guide/providers/azure/getting-started-azure.mdx
T
Pablo Fernandez Guerra (PFE) d23c2f3b53 refactor(ui): standardize "Providers" wording across UI and docs (#10971) 
Co-authored-by: Pablo F.G <pablo.fernandez@prowler.com>
Co-authored-by: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
2026-05-05 14:39:54 +02:00

142 lines
4.2 KiB
Plaintext
Raw Blame History

---
title: 'Getting Started With Azure on Prowler'
---
## Prowler Cloud
<iframe width="560" height="380" src="https://www.youtube-nocookie.com/embed/v1as8vTFlMg" title="Prowler Cloud Onboarding Azure" frameborder="0" allow="accelerometer; autoplay; clipboard-write; encrypted-media; gyroscope; picture-in-picture" allowfullscreen="1"></iframe>
> Walkthrough video onboarding an Azure Subscription using Service Principal.
<Note>
**Government Cloud Support**
Government cloud subscriptions (Azure Government) are not currently supported, but we expect to add support for them in the near future.
</Note>
### Prerequisites
Before setting up Azure in Prowler App, you need to create a Service Principal with proper permissions.
For detailed instructions on how to create the Service Principal and configure permissions, see [Authentication > Service Principal](/user-guide/providers/azure/authentication#service-principal-application-authentication-recommended).
---
### Step 1: Get the Subscription ID
1. Go to the [Azure Portal](https://portal.azure.com/#home) and search for `Subscriptions`
2. Locate and copy your Subscription ID
![Search Subscription](/images/providers/search-subscriptions.png)
![Subscriptions Page](/images/providers/get-subscription-id.png)
---
### Step 2: Access Prowler Cloud
1. Navigate to [Prowler Cloud](https://cloud.prowler.com/) or launch [Prowler App](/user-guide/tutorials/prowler-app)
2. Navigate to `Configuration` > `Providers`
![Providers Page](/images/prowler-app/cloud-providers-page.png)
3. Click on `Add Provider`
![Add a Provider](/images/prowler-app/add-cloud-provider.png)
4. Select `Microsoft Azure`
![Select Microsoft Azure](/images/providers/select-azure-prowler-cloud.png)
5. Add the Subscription ID and an optional alias, then click `Next`
![Add Subscription ID](/images/providers/add-subscription-id.png)
### Step 3: Add Credentials to Prowler Cloud
For Azure, Prowler App uses a service principal application to authenticate. For more information about the process of creating and adding permissions to a service principal refer to this [section](/user-guide/providers/azure/authentication). When you finish creating and adding the [Entra](/user-guide/providers/azure/create-prowler-service-principal#assigning-proper-permissions) and [Subscription](/user-guide/providers/azure/subscriptions) scope permissions to the service principal, enter the `Tenant ID`, `Client ID` and `Client Secret` of the service principal application.
1. Go to your App Registration overview and copy the `Client ID` and `Tenant ID`
![App Overview](/images/providers/app-overview.png)
2. Go to Prowler App and paste:
- `Client ID`
- `Tenant ID`
- `Client Secret` from [earlier](/user-guide/providers/azure/authentication#service-principal-application-authentication-recommended)
![Prowler Cloud Azure Credentials](/images/providers/add-credentials-azure-prowler-cloud.png)
3. Click `Next`
![Next Detail](/images/providers/click-next-azure.png)
4. Click "Launch Scan"
![Launch Scan Azure](/images/providers/launch-scan.png)
---
## Prowler CLI
### Configure Azure Credentials
To authenticate with Azure, Prowler CLI supports multiple authentication methods. Choose the method that best suits your environment.
For detailed authentication setup instructions, see [Authentication](/user-guide/providers/azure/authentication).
**Service Principal (Recommended)**
Set up environment variables:
```console
export AZURE_CLIENT_ID="XXXXXXXXX"
export AZURE_TENANT_ID="XXXXXXXXX"
export AZURE_CLIENT_SECRET="XXXXXXX"
```
Then run:
```console
prowler azure --sp-env-auth
```
**Azure CLI Credentials**
Use stored Azure CLI credentials:
```console
prowler azure --az-cli-auth
```
**Browser Authentication**
Authenticate using your default browser:
```console
prowler azure --browser-auth --tenant-id <tenant-id>
```
**Managed Identity**
When running on Azure resources:
```console
prowler azure --managed-identity-auth
```
### Subscription Selection
To scan a specific Azure subscription:
```console
prowler azure --subscription-ids <subscription-id>
```
To scan multiple Azure subscriptions:
```console
prowler azure --subscription-ids <subscription-id1> <subscription-id2> <subscription-id3>
```
Reference in New Issue View Git Blame Copy Permalink