Contents x
    Onboarding Azure
    • 01 Jul 2024
    • 2 Minutes to read
    • Print
    • PDF
    Contents

    Onboarding Azure

    • Updated on 01 Jul 2024
    • 2 Minutes to read
    • Print
    • PDF
    Article summary

    Overview

    Prisma Cloud DSPM Orchestrator is used to securely detect and classify sensitive information in your environment, while keeping your data in the organization. You can integrate all of your Azure subscriptions with Prisma Cloud DSPM and monitor them using Orchestrator. You can either use a single Orchestrator to monitor all subscriptions, or use multiple Orchestrators in case separation between environments is required. 

    Note:
    Prisma Cloud DSPM automatically attempts to apply environment labels to projects that are not labeled to the best of its ability.

    Part 1 - Onboarding Prisma Cloud DSPM Orchestrator to Your Azure Environment

    When integrating an Azure subscription with Prisma Cloud DSPM for the first time, you need to approve the installation of Orchestrator to enable Prisma Cloud DSPM to monitor your environment.

    1. Sign in to your Prisma Cloud DSPM account.
    2. From the left menu, select Settings.
    3. Under Integrations, from the Azure option, click Configure.
    4. Select Add New.
    5. Sign in to the Azure subscription where you want to install Orchestrator.
      Note
      Ensure your subscription is using a role that has sufficient permissions to approve an enterprise application and assign roles to the monitored subscriptions.
    6. Enter your Tenant ID and Subscription ID.
    7. Give your subscription a Name and select a Label for it.
    8. To approve Prisma Cloud DSPM enterprise application, click Approve.A Microsoft Permission requested window opens in a new tab. Do not close the Prisma Cloud DSPM tab.
    9. Click Accept.
    10. To Approve the installation of Prisma Cloud DSPM Orchestrator in your subscription, in Prisma Cloud DSPM, check the Acknowledge the following to continue. You will be redirected to the Custom deployment page in Azure to complete the installation. Do not close the Prisma Cloud DSPM tab.
    11.  From Subscription, select the relevant subscription (the one you are onboarding).
    12. From Region, select the region where you want to install Prisma Cloud DSPM Resources Group Location.
    13. Select Review + create.
    14. In the following screen, select Create.
    15. Wait for the deployment to be completed.
    16. Go back to Prisma Cloud DSPM (this tab is automatically refreshed) and click Done. The new subscription is now listed under Connected Subscriptions in your Azure configuration page.


    Part 2 - Adding Monitored Subscriptions

    After adding a first Azure subscription and installing Orchestrator in it, you can add more Azure subscriptions that you want to be monitored by Orchestrator. You can use either an existing Orchestrator to monitor all subscriptions, or install a new Orchestrator for each subscription.

    1. To add a new Azure subscription, follow steps 1-7 as detailed in Part 1 - Onboarding Orchestrator in Your Azure Environment.
    2. Select whether you want to use an existing Orchestrator (in which case, you can select the required Orchestrator from the drop-down menu) or deploy a new Orchestrator in this subscription.
    3. Click Enable.
    4.  Continue as described in steps 11-16 in Part 1 - Onboarding Orchestrator in Your Azure Environment (whether you selected an existing Orchestrator or a new one).
      When added, the new subscription will be listed under Connected Subscriptions.



    Was this article helpful?
    What's Next

    Can’t find what you’re looking for?

    Let us know what you need at support@dig.security and we'll help you as soon as possible