Configure Microsoft Azure for Arctic Wolf CSPM using a Terraform script

You can configure Azure® for Arctic Wolf® Cloud Security Posture Management (CSPM) using a Terraform® script.

Note:
  • Multi-subscription and multi-tenant configurations are not supported.
  • Complete these steps for each subscription or tenant you want to scan.

These resources are required:

  • A valid Arctic Wolf® Managed Risk license
  • The latest version of the Terraform binary
    Tip: Run terraform version to verify your existing Terraform version.
  • A user principal role with the Global Administrator role

These actions are required:

Configure the CSPM Terraform script

  1. Sign in to the Azure Portal.
  2. In the navigation menu, click Cloud Shell.
  3. If this is your first time using Azure Cloud Shell, complete these steps:
    Note:

    This might result in subscription fees.

    1. Select the subscription used to create the storage account and file share.
    2. Click Create storage.
  4. Choose either Bash or PowerShell as your command line environment.
  5. Run this command to verify that you are using the Azure subscription you want to run Terraform with:
    Note:

    If the Azure subscription is incorrect, see the Microsoft documentation for Terraform configuration in Azure Cloud Shell for steps to authenticate with a different subscription.

    BASH 
    az account show
  6. Run this command to initialize Terraform:
    BASH 
    terraform init
  7. Run these commands to confirm that the module is configured correctly:
    BASH 
    terraform validate
terraform plan
terraform apply

Provide your Azure credentials to Arctic Wolf

  1. Sign in to the Arctic Wolf Unified Portal.
  2. In the navigation menu, click Data Collection > Cloud Scanners.
  3. Click + Add Account.
  4. Click Azure.
  5. Click Next: Add Account Information.
  6. Configure these settings:
    Tip: To retrieve these values at any time, see

    Retrieve environment values..

  7. Click Submit.
    A ticket is created so that your Concierge Security® Team (CST) can finalize the configuration of the account. At any time, you can click Tickets & Alerts to view the status of your ticket in the Unified Portal.