You can add your Microsoft Azure Subscription as a data source in vRealize Network Insight.

Prerequisites

You must have the following permissions:
  • Microsoft.Resources/subscriptions/read
  • Microsoft.Compute/virtualMachines/read
  • Microsoft.Network/virtualNetworks/read

  • Microsoft.Network/networkSecurityGroups/read

  • Microsoft.Network/networkInterfaces/read

  • Microsoft.Network/applicationSecurityGroups/read

  • Microsoft.Storage/storageAccounts/read

  • Microsoft.Storage/storageAccounts/listkeys/action

  • Microsoft.Network/networkWatchers/queryFlowLogStatus/*

  • Microsoft.Network/networkWatchers/read

  • Microsoft.Network/publicIPAddresses/read

Alternatively, for ease of use, you can add the Storage Account Key Operator Service Role, Network Contributor, and Reader permissions.

Procedure

  1. Go to Settings > Accounts and Data Sources.
  2. Click Add Source.
  3. Under Public Clouds, select Microsoft Azure.
  4. In the Add a New Microsoft Azure Subscription page, provide the following details:
    Option Action
    Collector VM Select a collector VM from the drop-down menu.
    Tenant ID Enter the tenant ID of Azure active directory (AD).
    Application ID Enter the application ID.
    Application Secret Key Enter the application secret key.
    Subscription ID Enter the subscriptions ID.
    Web Proxy (Optional) Select a web proxy from the drop-down menu.
    Note: The Web Proxy (Optional) is visible only if you have configured a web proxy in vRealize Network Insight.
  5. Click Validate.
    You must have at least one VM, network security group (NSG), NIC, and VNet for a successful validation.
  6. (Optional) If you want to collect the NSG flow logs to get details insight on flows, then select Enable NSG flow data collection check box.
  7. (Optional) In the Nickname text box, enter a nickname.
  8. (Optional) In the Notes text box, add a note if necessary.
  9. Click Submit.