Azure Cloud configuration
On this page
Prerequisites for Discovery connection
Before creating a Discovery connection in Service Desk:
- Review Best practices.
- Confirm you have a scanner up and running in your local environment, scanning data and collecting information from your local network.
- After you decide you would like to expand the data collected to include information stored on Entra Cloud, you must create a dedicated user including credentials via the Azure console at: azure.microsoft.com.
Navigation
Setup > Discovery & Assets > Connections.
Azure Cloud configuration
You can follow the Standard configuration or you can Configure to manage by group rather than user
Standard configuration
-
Navigate to Setup > Discovery & Assets > Connections.
-
From the All Connections index page, click the Add
icon and select Azure Cloud from the dropdown. -
In the Azure Cloud Discovery dialog, follow the instructions provided.
-
Use the guidance below to provide information required to configure your connection.
Field Description Cloud identification - Subscription ID
- Tenant ID (found in the Azure portal under Azure Active Directory)
Authentication credentials - Client ID (Azure Portal > Azure Active Directory> App Registration > Add New Registration)
- Client Secret (Inside the app registration added > Certificates and Secrets > Create new client secret)
Permissions required Reader permissions (Add Inside specific subscription > Access Control (IAM) > Role Assignments > Add Role Assignment > Reader)
Click next, then select a member and paste the application (client) Id in search.
If application isn't found:
Search by Object ID (Azure Portal > Entra ID > Enterprise Applications > Select Application > Object ID ) select an application.
Click review + assign, and then assign it.
-
Click Create on the top right of the screen to save the connection.
Configure to manage by group rather than user
To manage by group rather than user (Entra Premium subscription required), the process is similar to the one above. During configuration select a group rather than a user, and then assign a role to the entire group.
To ensure a streamlined and efficient role management process within Service Desk, SolarWinds strongly recommends you create dedicated Azure Active Directory (AAD) groups for each specific role. Each user should be assigned to only one of these groups to avoid conflicts. Membership in multiple groups can lead to unintended behavior, such as users being automatically reassigned between roles, as group assignments are role-specific. Maintaining a one-to-one relationship between users and their assigned role groups prevents disruptions in role-based access and permissions.
Secure connection
After you have established a secure connection between the selected scanner and Azure Cloud, you can retrieve the following information.
| Basic Information | |
|---|---|
| Field | Example |
| Instance ID (VM ID) | eb982846-4594-4a66-afe5-dfb49f66 |
| Name | Win10-API-1 |
| User (Admin Username) | Discovery |
| Operating System (OS) | windows/linux |
| Cloud Details | |
|---|---|
| Field | Example |
| Location | (US) East US |
| VM Size | Standard_B1ls |
| Memory and CPU | |
|---|---|
| Field | Example |
| Memory | 0.5 GB |
| Number of CPUs | 1 |
| Drives | |
|---|---|
| Field | Example (from cloud) |
| Name | CentOS-API-1_DataDisk_0 |
| Size | 1024 GB |
| Type | Microsoft.Compute/disks |
More information about Discovery connections
See Connections for information about:
- Scanned ports and a list of the default ports scanned via Nmap
- How to run an on-demand scan
- How to pull a Last Scan Report
- What data is pulled during Discovery through connections
- Pulling fields from a mobile device via Intune
- Obtaining management data from remote computers via WMI