You can onboard an Azure account automatically by using scripts instead of manually registering an application and creating event mechanism. You can copy the pre-defined Carbon Black Cloud scripts from the Carbon Black Cloud console, execute them in the Azure portal, and automatically retrieve all the data for onboarding your Azure account.

To add your Azure account automatically to the Carbon Black Cloud console you use the Add Public Cloud Account wizard. This Carbon Black Cloud wizard provides two scripts that you must run in the Azure portal. The first script outputs details for the Connect Account page of the wizard and the second script enables the event stream mechanism.

Prerequisites

Verify you have available the subscription name and subscription ID.

Procedure

  1. On the left navigation pane, go to Settings > Public Cloud Accounts.
  2. On the Public Cloud Accounts page, click Add Account.
    The Add Public Cloud Account window opens.
  3. Under Cloud Provider, select Azure. Under Method, select Single account. Click Next.
  4. Enter the Azure subscription details and click Next.
  5. On the Connect Account page, locate the script on the right and copy its content.
  6. Go to the Azure portal and open the Azure Cloud Shell.
  7. Run the command you copied from the Carbon Black Cloud wizard: 
    curl https://dev.cwp.cbdtest.io/public-cloud/dev01/azure/pre-onboarding-setup/shell/setup-cbc-pre-account-onboarding.sh -o setup-cbc-pre-account-onboarding.sh && bash setup-cbc-pre-account-onboarding.sh --SubscriptionId <Subscription_ID>
    The script takes the following parameters.
    ScriptURL The onboarding environment. For example, https://dev.cwp.cbdtest.io/public-cloud/dev01/azure/pre-onboarding-setup/shell/setup-cbc-pre-account-onboarding.sh
    SubscriptionId The Azure subscription ID. For example, a1866144-6ff3-4715-b5ff-12239186786e
    After the script successfully executes, the Azure portal ouputs the details for connecting to the account.
  8. Enter these values in the Connect Account details page of Add Public Cloud Account wizard and click Next.
  9. To enable the event stream mechanism, copy the script and run it in the Azure Cloud Shell. 
    curl https://dev.cwp.cbdtest.io/public-cloud/dev01/azure/event-stream-setup/shell/setup-cbc-event-stream.sh -o setup-cbc-event-stream.sh && bash setup-cbc-event-stream.sh --CBInventoryApiHost <APIHost> --CBInventoryOrgKey <Org_Key> --CBInventoryApiKey <API_Secret_Key>/<API_ID> --ResourceGroupLocation <location> --SubscriptionId <Subscription_ID>
    ScriptURL The onboarding environment. For example, https://dev.cwp.cbdtest.io/public-cloud/dev01/azure/event-stream-setup/shell/setup-cbc-event-stream.sh
    CBInventoryApiHost The host for Carbon Black Public Cloud service. For example, defense-dev01.cbdtest.io.
    CBInventoryOrgKey Locate the org key in Carbon Black Cloud console by navigating to the > Settings > API Access > API Keys tab. For example, 8X5TJVYWQ.
    CBInventoryApiKey The API Key is stored in the secret manager and is passed when sending the push notification to Carbon Black Cloud. For more details, see Create and Manage an API Key.
    ResourceGroupLocation Azure resources location
    SubscriptionId The Azure subscription ID. For example, a1866144-6ff3-4715-b5ff-12239186786e
  10. To onboard your Azure subscription, select Add Account.

Results

After your Azure subscription onboards, you can view it in the list of public cloud accounts under Settings > Public Cloud Accounts. If you are in the process of onboarding your subscription, select Add Account without executing the event stream mechanism script; the subscription shows in the lists of accounts with the Event stream not enabled status.