Microsoft Azure

Connect the VSM workspace to your Microsoft Azure Cloud environment


Create service principal

The following command will create a service principal.

az ad sp create --id 978cb4bd-ac97-42e1-bb8a-3b9448074a8f

Assign "Reader" permission to LeanIX scanner

If you want to assign the permission to individual subscriptions, use the following snippet:

az role assignment create --assignee "978cb4bd-ac97-42e1-bb8a-3b9448074a8f" --role "Reader" --subscription "$SUBSCRIPTION_ID"

If you want to assign to management groups, use:

az role assignment create --assignee "978cb4bd-ac97-42e1-bb8a-3b9448074a8f"
--role "Reader"
--scope "/providers/Microsoft.Management/managementGroups/{managementGroupName}"

Configure LeanIX to discover your Azure environment

"azure": {
        "tenantIds": [

Click the button Overwrite all configurations to save your configuration.

In your LeanIX VSM Workspace, go to Administration > Integrations > Public Cloud Integration > Configure. Click the button Scan now to start the discovery process. Wait until all scan runs show the status COMPLETED (Refresh the browser page if necessary).

You can now browse the inventory of your cloud environment.