Integrate with cloud infrastructures
How to integrate with Amazon Web Services (AWS)
To seamlessly integrate ArmourZero's Cloud Infrastructure scan with your Amazon Web Services (AWS) account, you need to prepare a SecurityAudit user credential.
Integration guide
1. Go to "Infra" under the VULNERABILITY SCANNERS section and click the "Add Cloud Account" button.
2. Click on "Amazon Web Services (AWS)". Under the Create Account menu, provide the SecurityAudit user credential and click "Integrate" when done.
How to create AWS Security Audit's user credential
1. Log in to your AWS Management Console.
2. Go to IAM -> Users and click "Add User".
3. Provide a username (e.g. az-security-audit) and select "Programmatic Access".
4. Click Next: Permissions and choose Attach policies directly.
5. Search for and select the SecurityAudit policy, then click Next.
6. Apply these credentials (Access Key ID & Secret Access Key) to the ArmourZero platform to complete the integration.
How to integrate with Google Cloud Platform (GCP)
To seamlessly integrate ArmourZero's Cloud Infrastructure scan with your Google Cloud Platform (GCP) project, you need to prepare a SecurityAudit user credential.
Integration guide
1. Go to "Infra" under the VULNERABILITY SCANNERS section and click the "Add Cloud Account" button.
2. Click on "Google Cloud Platform (GCP)". Under the Create Account menu, provide the SecurityAudit user credential and click "Integrate" when done.
How to create GCP Security Audit's user credential
1. Log in to your Google Cloud Console (https://console.cloud.google.com).
2. Select the Google Cloud Project you wish to scan or create a new one.
3. Copy your "Project ID" from the Google Cloud Console.
4. Navigate to "IAM & Admin" -> "Service Accounts".
5. Click "Create Service Account", enter a name (e.g. az-security-audit), and click "Create and Continue".
6. Assign the necessary roles:
- Viewer (Recommended) - provides full READ access across the project, allowing the scanner to fully utilise its capabilities.
- Custom Resource Access (Optional) - you can assign only specific resource view permission (e.g. Compute Viewer, IAM Security Reviewer, Storage Object Viewer) according to your comfort level. Note: limiting access will reduce scan coverage and some findings may not be detected.
7. Click "Done", then select the newly created service account from the list.
8. Navigate to the "Keys" tab and click "Add Key" -> "Create New Key".
9. Select "JSON", then click "Create" to download the key file.
10. Important: Store the JSON key file securely. You will need to upload this file to ArmourZero to authenticate your scan.
11. Enter the "Project ID" and upload the JSON Key File in the ArmourZero platform to complete the integration.
How to integrate with Microsoft Azure
To seamlessly integrate ArmourZero's Cloud Infrastructure scan with your Microsoft Azure subscription, you need to prepare a SecurityAudit user credential.
Integration guide
1. Go to "Infra" under the VULNERABILITY SCANNERS section and click the "Add Cloud Account" button.
2. Click on "Microsoft Azure". Under the Create Account menu, provide the SecurityAudit user credential and click "Integrate" when done.
How to create Microsoft Azure Security Audit's user credential
1. Log in to Azure Portal.
2. Search for "App Registrations" in the top search bar and select it.
3. If you already have an application, select it from the list.
4. Navigate to "IAM & Admin" -> "Service Accounts".
5. If you do not have an application, click "New Registration", provide a name, and click "Register".
6. Go to Certificates & Secrets → Client Secrets.
7. Click "New client secret", enter a description (e.g., "Cloud Integration Key"), and select an expiration duration.
8. Click "Add", then copy and securely store the Client Secret Value (it will not be shown again).
9. Copy the Application (Client) ID and Directory (Tenant) ID from the Overview page.
10. Navigate to Subscriptions and select your active subscription.
11. Go to Access Control (IAM) → Click "Add" → "Add role assignment".
12. Select the role "Reader" or "Security Reader", then click "Next".
13. Under Assign access to, choose "User, group, or service principal".
14. Click "Select members", search for your existing or newly registered app, and add it.
15. Copy the Subscription ID from the Subscriptions page.
16. Apply these credentials (Client ID, Client Secret, Tenant ID, and Subscription ID) to the ArmourZero platform to complete the integration.