Integrate with Microsoft Azure

Overview

Integrating with Microsoft Azure allows Bridgecrew to perform scans using read-only API calls. This integration is done using a Terraform template.

Prerequisites

Before you start this integration, make sure you have:

  • Terraform version 0.12 installed
  • The curl command-line tool (installed on the same instance that runs Terraform)

Also, confirm that you are currently logged into the relevant Azure environment (see here).

You can use the output of terraform plan to view details of the resources before they are created. The resources that will be created as part of this integration are:

  • AzureAD application
  • Service principal with the Reader role
  • Service principal credential
  • Notification to Bridgecrew for the integration
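
One way to make that plan review repeatable, once the module is in your Terraform file, is to save the plan with `terraform plan -out=tfplan`, export it with `terraform show -json tfplan > plan.json`, and check it against the list above. This is an added example, not Bridgecrew's own code: the resource type names in `EXPECTED_TYPES`, the file names, and the sample plan are assumptions or constructed values.

```python
import json
import sys

# Assumption: provider resource types matching the four items listed above.
# Adjust to the types your own `terraform plan` reports for the module.
EXPECTED_TYPES = {
    "azuread_application",
    "azuread_service_principal",
    "azuread_service_principal_password",
    "azurerm_role_assignment",
    "null_resource",  # assumed carrier of the curl notification
}

def review_plan(plan):
    """Return findings for a parsed `terraform show -json` plan."""
    findings = []
    for rc in plan.get("resource_changes", []):
        change = rc.get("change", {})
        actions = change.get("actions", [])
        if rc.get("mode") == "data" or actions == ["no-op"]:
            continue  # data-source reads and unchanged resources
        addr, rtype = rc.get("address", "?"), rc.get("type", "?")
        if actions != ["create"]:
            findings.append(f"{addr}: unexpected action {actions}")
        if rtype not in EXPECTED_TYPES:
            findings.append(f"{addr}: unexpected type {rtype}")
        if rtype == "azurerm_role_assignment":
            role = (change.get("after") or {}).get("role_definition_name")
            if role != "Reader":
                findings.append(f"{addr}: role {role!r} is not Reader")
    return findings

def entry(addr, rtype, actions, after=None):
    return {"address": addr, "type": rtype, "mode": "managed",
            "change": {"actions": actions, "after": after}}

# Constructed sample plan (not real module output).
SAMPLE_PLAN = {"resource_changes": [
    entry("module.x.azuread_application.app", "azuread_application", ["create"], {}),
    entry("module.x.azurerm_role_assignment.ok", "azurerm_role_assignment",
          ["create"], {"role_definition_name": "Reader"}),
    entry("module.x.azurerm_role_assignment.bad", "azurerm_role_assignment",
          ["create"], {"role_definition_name": "Contributor"}),
    entry("azurerm_storage_account.sa", "azurerm_storage_account", ["delete"]),
]}

if __name__ == "__main__":
    plan = json.load(open(sys.argv[1])) if len(sys.argv) > 1 else SAMPLE_PLAN
    print("\n".join(review_plan(plan)) or "plan matches the expected resource set")
```

A role assignment whose role name is unknown at plan time is reported too, so an empty result means every planned role assignment is explicitly Reader.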

In Bridgecrew

  1. Under Integrations, press Azure Read Only and then Add a Subscription.
  2. Copy the Terraform module code.

In Terraform

  1. Paste the module you copied into your Terraform file. See the example below.

     provider "azurerm" {
       subscription_id = "YOUR_SUBSCRIPTION_ID"
       features {}
     }

     module "bridgecrew-read" {
       source           = "bridgecrewio/bridgecrew-azure-read-only/azure"
       org_name         = "acme"
       bridgecrew_token = "YOUR_TOKEN"
     }

Note: Do not change the values of source, org_name and bridgecrew_token.

  2. When the Terraform run is complete, the integration details will appear in Bridgecrew Cloud under Integrations > Azure Read Only.
