Help Center
Go back to application
Help Center
Go back to application
Platform Terms GlossaryContacting Support and Reporting Bugs
Task Management
Task Management explained Creating Tasks Setting up Task NotificationsGiving permissions to team members
Organization
Working together in KertosInviting UsersCreating rolesAssigning System AccessCreating Departments and Assigning Users
Integrations
Discovery
Discovery explainedScanning your websiteScanning your SSO Scanning your cloudSetting up the GCP Integration to enable Asset Discovery & Auto ChecksSetting up the Azure Integration to enable Asset Discovery & Auto ChecksSetting up the AWS Integration to enable Asset Discovery & Auto Checks
Tasks
Device Management
Human Resource Information Systems
Inventory
Inventorization of vendorsInventorization of systemsInventorization of assetsEU AI Act: Inventorization of AI use cases
Risks
Managing risks
Trust Center
Setting up your trust center
Incidents
Reporting incidents
KAIA
KAIA explainedPrinciples of AI at Kertos
Interacting with KAIA
Compliance
Frameworks explainedManaging & implementing controlsCreating & managing policiesCompleting & assigning trainingsGuidance
Privacy Management
Creating a RoPACreating TOMsCreating DPIAs
Data Subject Requests
API Reference
Ingress API Docs for DSRs Webhook API Docs for DSRs
Auto Checks
Auto Checks explainedAuto Checks: AWS Auto Checks: GCPAuto Checks: AzureEnabling Auto Checks by Reconfiguring the Azure IntegrationEnabling Auto Checks by Reconfiguring the GCP IntegrationEnabling Auto Checks by Reconfiguring the AWS Integration
AWS Auto Checks Detailed Explanations
Azure Auto Checks Detailed Explanations

Setting up the Azure Integration to enable Asset Discovery & Auto Checks

This guide explains how to setup your Azure Integration to enable the Auto Checks feature in Kertos and allow the Discovery Run to sync assets from your cloud environment.

Important:
You must have admin rights in your Azure environment to complete the setup.
Without sufficient permissions, you won’t be able to assign the necessary roles, enable APIs, or create service accounts.

Video: How to Enable Azure Integration in Kertos

This video walks you through the full Azure integration setup in Kertos — from registering an application to assigning the correct permissions.

Step 1: Getting Started 

  • Go to the Integrations page in Kertos
  • Click on Setup in Azure Integration Card
  • Toggle Enable Auto Checks to ON

Now you are ready to grant the permissions in your Azure Environment following these Instructions below 

Step 2: Create Application

1. Sign in to the Azure Portal at https://portal.azure.com with your Azure account.

* Make sure your account has the necessary permissions to register an application.

2. Navigate to the App registrations at https://portal.azure.com/#view/Microsoft_AAD_RegisteredApps/ApplicationsListBlade.

3. Click the New registration button at the top of the page.

4. Complete the registration form (Name: „Kertos“, leave defaults) and submit the form using the Register button at the bottom of the page.

5. Click the Copy button in the section titled Application (client) ID in the Essentials box at the top of the page.

6. Paste the Application (client) ID that you just copied into the textfield (back in Kertos).

7. Click the Copy button in the section titled Directory (tenant) ID in the Essentials box at the top of the page.

8. Paste the Directory (tenant) ID that you just copied into the textfield (back in Kertos).

9. From the side bar go to Manage > API Permissions click on Add a permission then select Microsoft Graph

10. Select Application permissions then search and select below permissions to add them to app:

  • Domain.Read.All
  • Policy.Read.All
  • UserAuthenticationMethod.Read.All

Step 3: Create Client Secret

11. Click the Add a certificate or secret link in the Client credentials section at the top of the page.

12. Click the New client secret button in the Client secrets section at the middle of the page.

13. Complete the form (Description: „Kertos“, Expires: 24 months) and submit the form using the Add button at the bottom of the page.

14. Click the Copy button in the column titled Value of the newly created secret at the bottom of the page.

15. Paste the Secret Value that you just copied into the textfield (back in Kertos).

Step 4: Setup Permissions

16. Navigate to the subscriptions at https://portal.azure.com/#view/Microsoft_Azure_Billing/SubscriptionsBladeV2.

17. Select the active subscription that includes your assets.

18. Click the Copy button in the section titled Subscription ID in the Essentials box at the top of the page.

19. Insert the Subscription ID that you just copied into the textfield (back in Kertos).

20. Click the Access control (IAM) menu item in the left-hand sidebar.

21. Click the Add dropdown link at the top of the page and select Add role assignment.

22. Select the first row with the name Reader in the table and click on the Next button at the bottom of the page.

23. Click the Select members link in the section titled Members. Search for the app name (e. g. Kertos) in the right-hand sidebar, select it, and click the Select button at the bottom of the page.

24. Click the Review + Assign button at the bottom of the page and complete the form to finalize the setup.

Once this is complete, make sure to have the toggle "Enable Auto Checks" ON and run a sync in Kertos.

Step 5: Finalize Integration in Kertos

25. Return to the Kertos Integrations page.

26. Click Save.

27. Click again on the Integration Card to Start Sync to run your first discovery run & auto check.

Was this article helpful?

Powered by Product Fruits