LogoLogo
APISupportDashboard
  • Welcome
  • Platform
    • Platform Overview
    • Getting Started Guide
    • Discovery
      • Domain Discovery
      • Network Discovery
      • Discovered Assets
    • Targets
      • Scan Policies
      • Add-on Services
      • Tags & Filtering
        • Default Tags
      • Managing Targets
      • Scan Configuration
    • Risk
    • Firewalls
      • Ports
      • HTTP Servers
      • DNS Records
    • Websites
      • Certificates
      • Scripts
      • Cookies
      • Headers
      • Forms
      • Links
      • Downloads
      • Traffic Hosts
      • Meta Tags
      • Pages
    • Technology
    • Issues
      • Vulnerability Management
      • Issue Settings
    • Reports
    • Compliance
    • Projects
      • Penetration Testing
      • Other Projects
    • Events
      • Event Rules
      • Event Types
    • Automations
      • Target Automations
      • Asset Automations
      • Target Issue Automations
  • Integrations
    • Discovery Integrations
      • Azure
      • Google Cloud
      • AWS
      • Cloudflare
      • Oracle Cloud Infrastructure
      • F5
      • GoDaddy
      • Wiz
      • HTTP
    • Workflow Integrations
      • Slack
      • Google Chat
      • Jira
      • PagerDuty
      • Splunk
      • AWS
      • Vanta
      • Microsoft Teams
      • ArmorCode
      • Zapier
        • Slack (via Zapier)
        • Jira (via Zapier)
        • Service Now (via Zapier)
    • Feeds
      • Using Feeds with Google Sheets
    • API
    • Webhooks
  • Account
    • Account Overview
      • Account Security
    • Users
      • Roles & Permissions
Powered by GitBook

© 2024 Halo Security

On this page
  • Azure Setup
  • Step 1: Obtain Subscription ID
  • Step 2: Obtain Resource Groups for DNS Zones
  • Step 3: Create Role Assignment
  • Connect Azure to Halo Security

Was this helpful?

  1. Integrations
  2. Discovery Integrations

Azure

Import assets from Azure DNS.

PreviousDiscovery IntegrationsNextGoogle Cloud

Last updated 3 months ago

Was this helpful?

Azure Setup

The easiest way to get started with importing Azure DNS assets is to use Azure's Cloud Shell to obtain settings and create a Role Assignment for Halo Security. After the setup is complete, we can visit the Halo Security platform to finish the integration.

For more information about Cloud Shell, visit .

Step 1: Obtain Subscription ID

In Cloud Shell, type the following command to retrieve the Subscription ID:

az account show --query id --output tsv

Step 2: Obtain Resource Groups for DNS Zones

Type the following command to view Resource Groups for DNS Zones. Resource Groups will be used to limit the permissions and access for Halo Security's Role Assignment:

az network dns zone list --query [].resourceGroup --output tsv

Step 3: Create Role Assignment

Creating a Role Assignment allows Halo Security to access DNS zones and records with read-only permissions. Create an assignment by typing the following command, replacing SUBSCRIPTION_ID and RESOURCE_GROUP with the appropriate values retrieved above:

az ad sp create-for-rbac -n "HaloSecurity" --role Reader --scopes /subscriptions/SUBSCRIPTION_ID/resourceGroups/RESOURCE_GROUP

Take note of the output of this command, which will be used when connecting Azure to the Halo Security platform. It should look something similar to the following:

{
  "appId": "ffffffff-9231-4f6d-9a74-4f0c9eea2b31",
  "displayName": "HaloSecurity",
  "password": "fFf1F~4fGp~63nuFff1KcyQReXfdcTgDgH1dHail",
  "tenant": "f1fff1f1-e568-4b28-ff1f-eae09c934715"
}

Connect Azure to Halo Security

  1. Add the Azure integration.

  2. Add a name to create the integration.

  3. After creating the integration, finish setting it up by providing the following values that were obtained during the Azure Setup process:

    1. Client ID: appId value created in Step 3

    2. Client Secret: password value created in Step 3

    3. Tenant: tenant value created in Step 3

    4. Subscription Id: Subscription ID value retrieved in Step 1

  4. Finally, click "Save Changes" and your integration will be ready for use. If you did not enable Auto Run, you can run the integration at any time by clicking the start icon.

Visit your Account > Integrations > .

https://learn.microsoft.com/en-us/azure/cloud-shell/overview
Add