Microsoft Azure subscription

​

Prerequisites

• Owner role at the subscription scope
  Needed to grant the Plerion App registration permissions for CSPM, and to create the resource group, managed identity, and role assignments for CWPP.
• CWPP requirements
  If you plan to enable CWPP, review the Azure CWPP prerequisites. These are not needed if you only want CSPM.

​

Steps to add a Microsoft Azure subscription integration

1

On the Plerion dashboard, go to Settings > Integrations

2

Find Microsoft Azure subscription and click the + button

3

Select an Azure Active Directory integration

Choose an existing Azure AD integration to reuse its app registration.

4

Grant the app registration subscription access

• Provide access to the App registration using either the Azure CLI or Azure Portal.
• If enabling CWPP, select the default region where Plerion will create a dedicated resource group.

5

Download and run the setup script

• Download the script and run it in your CLI or Azure Cloud Shell.

Copy

bash ms-azure-install-plerion.sh

• This will list the available subscriptions.
• Use the associated number to select one, or press y to install on all subscriptions.

6

Install CSPM roles

• Press y to install CSPM roles on all subscriptions, or enter the subscription number to install on a specific subscription.
• To skip optional CSPM roles, press s. To install them, press y.

7

Install CWPP roles (optional)

Press y to enable CWPP on all subscriptions, or enter a subscription number to enable it only on that subscription.

8

Return to Plerion and verify access

• On the Plerion platform, click Verify access.
• Subscriptions with correct permissions will be displayed.

9

Add subscriptions to your tenant

• Select the subscriptions to onboard and click Add subscriptions.
• These subscriptions will now be available in Plerion for CSPM and CWPP.

​

Troubleshooting