Connect Azure Account

Sysdig can collect both general metadata and various types of metrics from your Azure environment.

After connecting an Azure account, data will become visible in the Sysdig Monitor UI after a 10-15 minute delay. Sysdig collects metrics at five-minute intervals.

Access Cloud Accounts

  1. Log in to Sysdig Monitor as an administrator.

  2. In the left-hand sidebar, select Integration > Cloud Accounts.

    The Cloud Accounts page appears.

Connect an Azure Account

In Azure

  1. Log in to the Microsoft Azure.

  2. Select Active Directory and register your application with the Active Directory.

    1. Click New registration.

    2. Specify a unique name and select a type.

    3. Click Add a certificate or secret and create the client credentials and secret.

    4. Copy the value of the secret because you will not be able to retrieve the key later.

      The key value is required to sign in as the application.

  3. Navigate to your Subscription and select Access control (IAM).

  4. Click Grant access to this resource to assign an appropriate role to this account.

  5. In the Add role assignment page, select the Monitoring Reader role.

    This role will allow your application to read monitoring data (resources, metric descriptors, metrics).

  6. Click Next to move to the Members tab.

  7. Select Assign access to > User, group, or service principal and then select your application.

  8. Click Review + assign to save the changes.

  9. Ensure that you have the following before you configuring an Azure account in Sysdig:

    • From the App registration page, ensure that you copy the following:

      • Tenant ID
      • Client ID
      • Client Secret
  • From the Subscription page, copy the Subscription ID.

In the Sysdig Monitor UI

  1. On the Cloud Accounts page, click Add Account.

  2. Choose Azure.

    The Connect Azure Account wizard appears.


  3. Enter the details you copied from the Azure App registration and Subscription pages:

    • Tenant ID
    • Client ID
    • Client Secret
    • Subscription ID
  4. Complete the installation and click Confirm.

Monitor Azure Resource Quotas

You can monitor Azure Resource Quotas through the Sysdig API. To enable pulling Azure Resource Quotas into Sysdig Monitor, configure the API endpoint with the following command:

curl -X POST https://${sysdigUrl}/ui/customerSettings/${customerId}/azureIntegration/quota/enable -H "Authorization: Bearer ${token}"

Where:

  • ${sysdigUrl} : The URL you use to access Sysdig Monitor, such as https://us2.app.sysdig.com/ for US West.. This varies by region. See SaaS Regions and IP Ranges.
  • ${customerId} : Your unique Sysdig Monitor customer ID. Find it in Settings > Authentication > Customer ID.
  • ${token}: Your Sysdig Monitor API token. Find it in Settings > User Profile > Sysdig Monitor API Token

Curl is used here as an example; you may use any HTTP API tool that you wish to configure this feature.