Skip to content
  • There are no suggestions because the search field is empty.

Microsoft Azure Cloud Inventory

 

Block 64 and Azure Inventory

Block 64 is expanding its Discovery capabilities within the Azure Cloud. The new Azure Inventory reports are available on Combine under Cloud Reports → Azure Management, providing a consolidated view of the Azure Virtual Machines and Recommendations. The Combine Reporting for Virtual Machines offers insights to all Virtual Machines metadata, while the Advisor and Secure Scores offer recommendations on how to improve various aspects such as Cost, Performance, Security, and others.

This article will outline how to add Azure Inventory to your discovery.

How to add Azure Inventory

Currently, Azure Inventory is triggered through the Block 64 Application. After installing the application and successfully validating your email address, users can choose between a Simple or Custom deployment.

For Simple deployment, users can validate all forms of authentication using a single email:

Alternatively, in the Custom deployment's Credentials page, users can opt to use different credentials for each authentication:

 

To enable Azure Inventory, we require that the user grants Block 64 Read-Only permission.

Once these steps are completed, the Block 64 Application will begin collecting data from your Azure Environment.

Reporting

As mentioned, the collected data on your Azure Environment can be viewed on Combine under the Cloud Reports → Azure Management section. The Combine pages for Azure Inventory will show a summarized view of the data that has been collected from your Azure Environment. Reports with more granular data can be generated on these Azure Inventory pages, allowing for more insight into their associated domains.

No Azure data after entering the credentials?

There may be instances where data collection is unsuccessful. This issue could arise due to the following reasons:


1. The account used may not have an active Azure subscription in their environment.
2. If there is an active Azure subscription, the account being used must not only be a Global Administrator account, but it must also have the necessary access to those Azure subscriptions.

You can easily check the access by navigating to the "Subscriptions" page in the Azure portal.

If you do have an Azure subscription but the account lacks access, this can be resolved by following these steps:

Detailed Steps:

  1. Sign in to the Azure portal: Access the Azure portal at https://portal.azure.com.

  2. Navigate to Azure Active Directory: In the left-hand menu, select "Azure Active Directory".

  3. Go to Roles and administrators: Under "Manage", select "Roles and administrators".

  4. Check the Global administrator role: Click on "Global administrator" to see the list of users with this role.

  5. Verify subscription access: If the "Access management for Azure resources" option is enabled in Azure AD properties, the global administrator has access to all subscriptions. If it's not enabled, they may need to have the "Owner" or "Contributor" role assigned to specific subscriptions to view them.

  6. Check for specific subscriptions: If you are trying to see if a particular subscription is active for the global admin, you can navigate to the "Subscriptions" page in the Azure portal, select the subscription, and then go to "Properties" under "Settings" to see the account administrator.

  7. Review sign-in logs: You can also review sign-in logs to see if the global administrator has been actively using Azure resources.