Enabling Auto Checks by Reconfiguring the Azure Integration
Last updated: April 10, 2026
This guide explains how to reconfigure your Azure setup to enable the Auto Checks feature in Kertos.
Important:
You must have admin rights in your Azure environment to complete the setup.
Without sufficient permissions, you won’t be able to assign the necessary roles, enable APIs, or create service accounts.
Video: How to Enable Azure Integration in Kertos
This video walks you through the Reconfiguration Process to enable Auto Checks.
Why reconfigure?
Since the launch of the Auto Checks feature on June 10, 2025, Kertos requires additional permissions in your Azure environment.
These go beyond the original Azure integration setup. Without them, Auto Checks cannot scan and validate your cloud configurations against ISO 27001 controls.
Getting Started
Go to the Integrations page in Kertos
Click on Setup in Azure Integration Card
Toggle Enable Auto Checks to
ON
Now you are ready to grant the permissions in your Azure Environment following these Instructions below:
Permissions Required
To enable Auto Checks, follow the steps below to grant the required permissions in your Azure environment.
Step 1: Add API Permissions
Open the App Registrations in Azure Portal
Select your existing Kertos app
Go to Manage → API Permissions
Click Add a permission → Select Microsoft Graph
Choose Application permissions, then add:
Directory.Read.AllPolicy.Read.AllUserAuthenticationMethod.Read.AllAuditLog.Read.All
Step 2: Assign Reader Role to the App
Open the Subscriptions page in Azure Portal
Select the subscription that contains your cloud assets
Copy the Subscription ID and enter it into Kertos
Go to Access control (IAM)
Click Add → Add role assignment
Select the Reader role
Click Next, then Select members
Search for and select your app (e.g., "Kertos")
Click Review + Assign to complete the setup
Once this is complete, don’t forget to enable the "Auto Checks" toggle and run a sync in Kertos.