Connect an Azure Subscription to the Multicloud Defense Controller from the Multicloud Defense Dashboard

Once you prepared the Azure account and subscription as described in the previous sections, you can link it to the Multicloud Defense Controller.

Procedure

Step 1

In the Multicloud Defense Controller dashboard, click Add Account in the Cloud Accounts pane.

Step 2

On the General Information page, select Azure from the Account Type list box.

Step 3

In step 1, click the link to open an Azure Cloud Shell in bash mode.

Step 4

In step 2, click the Copy button.

Step 5

Run the onboarding script in the bash shell.

Note

If there is another Azure subscription already connected to Multicloud Defense, this script may fail when creating an IAM role with the same existing name. There cannot be more than one IAM role. As a workaround, run the Bash script with the -p prefix.
To support spoke VNet protection across subscriptions, onboard subscriptions using Active Directory app registrations.

Step 6

Provide a name for this Azure account. You can choose to name this the same as your Azure subscription name. This name is visible on the Multicloud Defense Controller accounts page only.

Step 7

(Optional) Provide a description for the subscription.

Step 8

Enter the Directory ID, also referred as the Tenant ID.

Step 9

Enter the Subscription ID for the subscription being onboarded.

Step 10

Enter the Application ID, also referred to as the Client ID, created by the onboarding script.

Step 11

Enter the Client Secret, also referred to as the Secret ID.

Step 12

Click Save & Continue.

The Azure subscription is onboarded and you are returned to the dashboard to see that the new device has been added.

What to do next

Create a policy in the Azure portal.
VNet Route Tables for your Azure Subscription
Post-Onboarding Procedures.
Enable traffic visiblilty.