Azure Integration
Connect your Azure environment to scan subscriptions for security misconfigurations and deploy infrastructure.
Prerequisites
- An Azure Active Directory tenant
- A Service Principal (App Registration) with read permissions
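Before entering the credentials, it is worth confirming that the Service Principal holds nothing beyond read access to the subscriptions you plan to activate. The script below is an added example, not Amnify's own code. It assumes the built-in `Reader` and `Security Reader` roles are what "read permissions" means here (the page does not name roles), and it runs over a constructed sample shaped like the output of `az role assignment list --assignee <application-id> --all`.

```python
import json

# Assumption: these built-in Azure roles count as "read permissions";
# the page does not name the roles the integration needs.
READ_ONLY_ROLES = {"Reader", "Security Reader"}

# Constructed sample, shaped like the JSON printed by
# `az role assignment list --assignee <application-id> --all`.
SUB_A = "00000000-0000-0000-0000-000000000001"  # placeholder subscription IDs
SUB_B = "00000000-0000-0000-0000-000000000002"
SAMPLE = json.dumps([
    {"roleDefinitionName": "Reader", "scope": f"/subscriptions/{SUB_A}"},
    {"roleDefinitionName": "Contributor",
     "scope": f"/subscriptions/{SUB_A}/resourceGroups/rg-app"},
    {"roleDefinitionName": "Reader",
     "scope": "/providers/Microsoft.Management/managementGroups/corp"},
    {"roleDefinitionName": "Security Reader", "scope": f"/subscriptions/{SUB_B}"},
])


def scope_parts(scope):
    """Split an ARM scope string into lower-cased, non-empty path segments."""
    return [p.lower() for p in scope.split("/") if p]


def scope_level(scope):
    """Classify an ARM scope string by how much of the tenant it covers."""
    parts = scope_parts(scope)
    if not parts:
        return "root"
    if parts[:2] == ["providers", "microsoft.management"]:
        return "management-group"
    if parts[0] == "subscriptions" and len(parts) >= 2:
        return "subscription" if len(parts) == 2 else "below-subscription"
    return "unknown"


def audit_assignments(raw_json, activated_subscriptions):
    """Return (role, scope, reason) for each assignment that exceeds read-only
    access to the subscriptions activated for scanning."""
    active = {s.lower() for s in activated_subscriptions}
    findings = []
    for a in json.loads(raw_json):
        role, scope = a.get("roleDefinitionName", ""), a.get("scope", "")
        level = scope_level(scope)
        if role not in READ_ONLY_ROLES:
            findings.append((role, scope, "role grants more than read access"))
        if level in ("root", "management-group", "unknown"):
            findings.append((role, scope, f"{level} scope, not limited to a subscription"))
        elif scope_parts(scope)[1] not in active:
            findings.append((role, scope, "subscription not activated for scanning"))
    return findings
```

Calling `audit_assignments(SAMPLE, [SUB_A])` returns three findings for the sample: the `Contributor` role, the management-group scope, and the read role on a subscription that is not activated.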
Connect Azure
- Go to Configuration > Integrations
- Click “Add Integration” and select Azure
- Enter your Service Principal credentials:
  - Directory (Tenant) ID
  - Application (Client) ID
  - Client Secret (Key)
- Amnify validates the credentials and fetches your tenant info
- Select which Azure subscriptions to activate for scanning
You can change which subscriptions are active at any time from the integration settings.
What gets scanned
Amnify evaluates hundreds of security checks across Azure services including:
- Compute: Virtual Machines, App Service, Functions, AKS
- Storage: Storage Accounts, Blob, File Shares
- Databases: SQL Server, PostgreSQL, MySQL, CosmosDB
- Networking: Virtual Networks, NSGs, Application Gateway, Firewall
- Identity & Access: Entra ID, RBAC, Managed Identities
- Security: Key Vault, Defender for Cloud, Policy
- Observability: Monitor, Application Insights, Log Analytics
- And many more
Compliance frameworks
Azure scans are mapped to:
- CIS Azure Foundations Benchmark (versions 2.0, 3.0, 4.0, 5.0)
- SOC2
- PCI-DSS
- MITRE ATT&CK
- ISO 27001
- HIPAA
- NIST 800-53
- NIS2
- And more
Deploy support
Azure is fully supported for infrastructure deployment. You can deploy VNets, VMs, AKS clusters, Container Apps, and more using Terraform templates.