Integrate with Microsoft Azure
Overview
Integrating with Microsoft Azure allows Bridgecrew to perform scans using read-only API calls. This integration is done using a Terraform template.
You can use the output of terraform plan to view details of the resources before they are created. The resources that will be created as part of this integration are:
- AzureAD application
- Service principal with the Reader role
- Service principal credential
- Notification to Bridgecrew for the integration
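As an added example (not Bridgecrew's own code), the script below reviews a plan saved with `terraform plan -out=tfplan` and exported with `terraform show -json tfplan > plan.json`, once the module from Part 2 is in your configuration. It lists every planned change and flags anything other than a create, as well as any role assignment that is not Reader. The file name `plan.json`, the helper names and the resource addresses in the sample are assumptions made for illustration.

```python
import json
import sys

ALLOWED_ROLES = {"Reader"}  # the only role the overview says is assigned


def review_plan(plan):
    """Return (summary, findings) for a plan from `terraform show -json`."""
    summary, findings = [], []
    for rc in plan.get("resource_changes", []):
        actions = rc["change"]["actions"]
        if rc.get("mode") == "data" or actions == ["no-op"]:
            continue  # skip data-source reads and unchanged resources
        summary.append((rc["address"], "/".join(actions)))
        if actions != ["create"]:
            # A first-time integration should only create resources.
            findings.append(f"{rc['address']}: unexpected action {'/'.join(actions)}")
        if rc["type"] == "azurerm_role_assignment":
            role = (rc["change"].get("after") or {}).get("role_definition_name")
            if role is None:
                findings.append(f"{rc['address']}: role not known at plan time, check by hand")
            elif role not in ALLOWED_ROLES:
                findings.append(f"{rc['address']}: assigns role {role}, expected Reader")
    return summary, findings


def sample_change(address, rtype, actions, after):
    """Build one constructed resource_changes entry (hypothetical helper)."""
    return {"address": address, "mode": "managed", "type": rtype,
            "change": {"actions": actions, "after": after}}


# Constructed sample; the addresses are illustrative, not the module's real ones.
SAMPLE_PLAN = {"resource_changes": [
    sample_change("module.bridgecrew-read.azuread_application.app",
                  "azuread_application", ["create"], {}),
    sample_change("module.bridgecrew-read.azurerm_role_assignment.ro",
                  "azurerm_role_assignment", ["create"], {"role_definition_name": "Reader"}),
    sample_change("azurerm_role_assignment.extra",
                  "azurerm_role_assignment", ["create"], {"role_definition_name": "Contributor"}),
    sample_change("azurerm_resource_group.rg", "azurerm_resource_group", ["delete"], None),
]}

if __name__ == "__main__":
    # Usage: python review_plan.py plan.json   (no argument: run on the sample)
    plan = json.load(open(sys.argv[1])) if len(sys.argv) > 1 else SAMPLE_PLAN
    summary, findings = review_plan(plan)
    for address, actions in summary:
        print(f"{actions:8} {address}")
    for finding in findings:
        print("FINDING:", finding)
    sys.exit(1 if findings else 0)
```

The script exits non-zero when it has findings, so it can gate `terraform apply` in a pipeline.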
How to Integrate
Part 1 - In Bridgecrew
- From Integrations Catalog, under Cloud Providers, select Azure.

- Review the prerequisites by making sure you have:
  - Terraform version 0.12 installed
  - The curl command-line tool (installed on the same instance running Terraform)
  Then click Next.
Note
Confirm that you are currently logged into the relevant Azure environment (see here).
- Enter a name for your token and add a description (Optional), then select Create.
Note: Tokens are specific per user and enforce the role and permission assigned to that user within the organization.
- Save the API Token, then select Next. (The Token will not be available later.)
- Review your configuration and copy the Terraform module code.
Part 2 - In Terraform
- Paste the module you copied into your Terraform file. See the example below.
    provider "azurerm" {
      subscription_id = "YOUR_SUBSCRIPTION_ID"
      features {}
    }

    module "bridgecrew-read" {
      source           = "bridgecrewio/bridgecrew-azure-read-only/azure"
      org_name         = "acme"
      bridgecrew_token = "YOUR_TOKEN"
    }
Note
Do not change the values of source, org_name and bridgecrew_token.
Part 3 - In Bridgecrew
Select Done.
Note: after the next Terraform run, the integration details will appear in the Integrations grid; for further details, see here.
Updated about 2 years ago