Use the Azure PowerShell Script to Add an Azure Account

Use the Prisma Cloud Azure PowerShell script to automate the process of onboarding your Microsoft Azure account on Prisma Cloud.
To save time and reduce the likelihood of human error, you can use the Azure PowerShell Az module to automate the process of setting up the Prisma Cloud application on your Microsoft Azure cloud environment. Because this script adds the Prisma Cloud application to your Azure Active Directory, you must be an administrator with authorization to create roles and to add an application to manage your Azure subscription.
  1. Verify that you are in PowerShell.
  2. Upload the RedLock Azure Onboarding script.
  3. Verify the script is in the local directory and then enter
    ./RedLock-Azure-Onboarding-Beta-V5.ps1
    By default, the file is uploaded to your home directory and you might need to use
    cd ~
    and then enter
    ./RedLock-Azure-Onboarding-Beta-V5.ps1
  4. When prompted, enter your Azure SubscriptionID, a name to identify the RedLock application (for example, APPNAME-RedLock-V2), and the URL that you use to access Prisma Cloud (for example, https://app.redlock.io).
  5. When prompted, open the link on your browser.
  6. Log in to Windows Azure PowerShell.
    Log in to Azure using an account with Owner or Admin access.
  7. Enter the authentication code and click Continue to log in to Windows Azure PowerShell.
  8. Verify the details on successful completion of the process.
    The Azure PowerShell window displays the results of the script. The results are also saved to a file named Subscription-ApplicationName.txt
    1. The Application Client ID.
    2. The Reader role.
  9. Generate the Application client secret for the Prisma Cloud application.
    The script does not create the application client secret. To generate an application client secret (Step 2-3), you must log in to the Azure portal.
  10. Copy the Prisma Cloud application details from Azure Active Directory.
    Prisma Cloud requires the Directory (tenant) ID, Application Client ID, Application Client Secret, and Enterprise Application Object ID to establish the connection between Prisma Cloud and Azure Active Directory and access the resources in your subscription.
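
The following check is an added example, not part of the Prisma Cloud onboarding script or its documentation: it reads back the identifiers named in step 10 and lists the roles the application holds on the subscription, so you can compare them with the script output from step 8. It assumes the Az.Accounts and Az.Resources modules, an existing Connect-AzAccount session, and an application display name that is unique in the tenant; the parameter names are chosen for this example.

```powershell
# Added example: verifies what the onboarding run left behind. Parameter names are
# chosen for this example; supply the values you entered in step 4.
param(
    [Parameter(Mandatory)] [string] $SubscriptionId,   # the SubscriptionID from step 4
    [Parameter(Mandatory)] [string] $AppName           # the application name from step 4
)

# Select the subscription; the returned context also carries the tenant ID.
$ctx = Set-AzContext -Subscription $SubscriptionId -ErrorAction Stop

# Look up the enterprise application (service principal) by exact display name.
# Assumption: the name is unique. Stop if it is missing or ambiguous.
$matches = @(Get-AzADServicePrincipal -DisplayName $AppName)
if ($matches.Count -ne 1) {
    throw "Expected exactly one service principal named '$AppName', found $($matches.Count)."
}
$sp = $matches[0]

# Role assignments held by that service principal at the subscription scope.
$scope = "/subscriptions/$SubscriptionId"
$assignments = @(Get-AzRoleAssignment -ObjectId $sp.Id -Scope $scope)

# Identifiers that step 10 asks you to copy (the client secret is not retrievable here).
[pscustomobject]@{
    DirectoryTenantId             = $ctx.Tenant.Id
    ApplicationClientId           = $sp.AppId
    EnterpriseApplicationObjectId = $sp.Id
    HasReaderRole                 = ($assignments.RoleDefinitionName -contains 'Reader')
} | Format-List

# Every role with its scope, for comparison with Subscription-ApplicationName.txt.
$assignments |
    Sort-Object RoleDefinitionName |
    Format-Table RoleDefinitionName, Scope -AutoSize
```

Any role or scope in the table that does not appear in the saved results file is worth reviewing before you enter the application details in Prisma Cloud.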
