Microsoft Azure CSPM — Script Configuration
Updated Nov 2, 2023
You can configure Azure® for Arctic Wolf® Cloud Security Posture Management (CSPM) using a Terraform® script.
Note: Multi-subscription and multi-tenant configurations are not supported.
- A valid Arctic Wolf® Managed Risk license
- These tools:
- A user principal role with the Global Administrator role
For each subscription or tenant you want to scan, complete these steps:
Sign in to the Azure Portal.
In the navigation menu, click Cloud Shell.
If this is your first time using Azure Cloud Shell, complete these steps:
Note: This may result in subscription fees.
- Select the subscription used to create the storage account and file share.
- Click Create storage.
Choose either Bash or PowerShell as your command line environment.
Run this command to verify that you are using the Azure subscription you want to run Terraform with:
az account show
Note: If the Azure subscription is incorrect, see the Microsoft documentation for Terraform configuration in Azure Cloud Shell for steps to authenticate with a different subscription.
Run this command to initialize Terraform:
Run these commands to confirm that the module is configured correctly:
terraform validate
terraform plan
terraform apply
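The subscription check in the steps above, written as a guard for Bash in Cloud Shell. This is an added example, not Arctic Wolf's script: the function names and the cspm.tfplan file name are assumptions, and saving the plan to a file for review goes beyond the commands listed on this page.

```bash
#!/usr/bin/env bash
# Added example: refuse to plan unless the active Azure CLI subscription
# is the one you intend to onboard. Function names and the plan file name
# are assumptions, not part of the Arctic Wolf module.

# Succeeds only for a canonical 8-4-4-4-12 hexadecimal GUID.
is_guid() {
  printf '%s' "$1" | grep -Eqi '^[0-9a-f]{8}(-[0-9a-f]{4}){3}-[0-9a-f]{12}$'
}

# Lowercase the ID and strip whitespace or CR that copy-paste can add.
normalize_id() {
  printf '%s' "$1" | tr -d '[:space:]' | tr '[:upper:]' '[:lower:]'
}

# Return 0 only when both IDs are valid GUIDs naming the same subscription.
subscription_matches() {
  local expected active
  expected=$(normalize_id "$1")
  active=$(normalize_id "$2")
  is_guid "$expected" && is_guid "$active" && [ "$expected" = "$active" ]
}

# Check the active subscription, then validate and write a plan file.
# Usage (after sourcing this file): plan_cspm <subscription-id>
plan_cspm() {
  local expected=$1 active
  active=$(az account show --query id --output tsv) || return 1
  if ! subscription_matches "$expected" "$active"; then
    echo "Active subscription '$active' is not '$expected'; stopping." >&2
    return 1
  fi
  terraform validate && terraform plan -out=cspm.tfplan || return 1
  echo "Review the plan, then run: terraform apply cspm.tfplan"
}
```

Applying the saved plan file makes Terraform execute exactly the changes that were reviewed, without prompting again for approval.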
Sign in to the Arctic Wolf Unified Portal.
In the menu bar, click Telemetry Management > Connected Accounts.
Click Add Account +.
On the Add Account page, in the Account Type list, select Cloud Security Posture Management.
In the Cloud Services list, select Azure CSPM.
On the Add Account page, configure these settings:
Tip: To retrieve these values at any time, see Retrieve environment values for more information.
- Account Name — Enter a unique and descriptive name for the account.
- Directory ID — Enter the directory ID from the command output in Configure the CSPM Terraform script.
- Application ID — Enter the application ID from the command output in Configure the CSPM Terraform script.
- Subscription ID — Enter the subscription ID from the command output in Configure the CSPM Terraform script.
- Secret Key — Enter the secret key from the command output in Configure the CSPM Terraform script.
- Credential Expiry — (Optional) Enter the expiration date if the credentials have an expiry date.
Click Test and submit credentials.
After your Concierge Security® Team (CST) adds this account to your scan configuration, the connected account changes to Healthy.
- Complete Enable Terraform debugging.