Microsoft Azure

What is Microsoft Azure?

Microsoft Azure is Microsoft's cloud platform. If your organization runs virtual machines, databases, or workloads on Azure, this integration lets Imara automatically collect security and configuration evidence from your environment.

What Imara collects from Azure

• Azure Active Directory (Entra ID) users, roles, and MFA status
• Role-Based Access Control (RBAC) assignments
• Storage account configurations — encryption and public access settings
• Azure Monitor and Activity Log status
• Virtual machine configurations and network security groups
  
  

Required Azure permissions

Imara requires an Azure App Registration (Service Principal) with the following role:

• Reader — read-only access across all subscriptions you want Imara to monitor
  
  

If you want Imara to collect user and MFA data, also grant the Directory Readers role in Entra ID. Imara does not modify any Azure resource or setting.

How to connect

1. In Imara, go to Integrations and select Microsoft Azure.
2. Click Connect. Imara will display the required App Registration details.
3. In the Azure portal, register a new application under Entra ID → App Registrations.
4. Assign the Reader role at the subscription level and, if desired, Directory Readers in Entra ID.
5. Create a Client Secret for the application.
6. Enter your Tenant ID, Client ID, and Client Secret in the Imara setup dialog and click Verify & Connect.
   
   

Frameworks supported

SOC 2, ISO 27001, HIPAA, PCI DSS, NIST CSF, NIST 800-53.

What to expect

Imara performs an initial scan after connection and keeps evidence current through periodic syncs. Common findings include users without MFA, storage accounts with insecure settings, or missing audit logs — each linked to the relevant control in your active framework.