To prepare an Azure application to register with Cloud Workload Security, perform the following steps:
- On the Azure homepage:
- Click Azure Active Directory and view the application name that needs to be registered with CWS.
- On the left side pane, click App Registration and select the application to get the details of the following parameters:
- Subscription ID
- Tenant ID
- Client ID
- Client Key
NOTE: The registration and validation with Azure platform would happen only with these parameters.
- Specify a name in the Account Name field. You can provide any name with special characters because no validation is done during the registration.
- On the Azure homepage, search for Subscriptions and select the subscription to which the IAM needs to be provisioned.
- From the Subscriptions, Access Control/IAM, click Add and select Add Custom Role.
- Provide a custom role name and select Start from Scratch if it is an initial configuration.
- In the same Subscription page, select Permissions, Add Permission. You need to manually add each permission for successful registration. For more information, see KB93423 - Permissions required for Microsoft Azure user to register with Cloud Workload Security.
- Add the role assignment to the subscription, and from the drop-down list select the custom role configured in step 5.
- In the role assignment page, select the application configured with Azure AD. The name is the one you viewed in step 1.