
Microsoft Defender For Cloud Configuration Guide

1. Introduction

  • A valid Subscription ID, Client ID and Client Secret, with the required permissions, are needed to configure the Microsoft Defender for Cloud Connector.

2. Prerequisites

  • Azure console access.

3. Microsoft Defender For Cloud Setup Guide

3.1. Get Client ID & Client Secret

To obtain the Client ID and Client Secret, we need to create an Entra app.

Documentation links for the same:

Or follow the guide below:

  • Go to https://portal.azure.com/#view/Microsoft_AAD_IAM/ActiveDirectoryMenuBlade/~/RegisteredApps, or select Microsoft Entra ID, or type Microsoft Entra ID in the search box.
  • Click on App registrations.
  • Click on New Registration.
  • Add relevant info to register an app. (We can skip the Redirect URI since it is optional)
  • Copy the Application (client) ID value
  • Click on Add a Certificate.
  • Click on New Client Secret.
  • Copy the secret Value. (Please copy the client secret value, as it will only be displayed once and will not be visible again. If you lose this value, you will need to create a new client secret.)

3.2. Get Subscription ID

  • In Azure Portal, go to "Subscriptions"
  • Copy your subscription ID

3.3. Assign Required Permissions

  • In the Azure Portal, navigate to your subscription
  • Select "Access control (IAM)"
  • Click "Add role assignment"
  • Choose "Security Reader" role
  • Select "Next"
  • In the "Assign access to" field, choose "User, group, or service principal"
  • Click "Select Members"
  • Search for and select your registered application (Note: Use the Object ID from the Application's overview page if the app isn't visible in the list)
  • Click "Review + assign" to complete the permission assignment
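
Once the assignment in 3.3 is complete, it is worth confirming that the app holds "Security Reader" at the subscription scope and nothing broader. The following is an added example, not part of the original guide or the connector's own code: it audits JSON shaped like the output of `az role assignment list --assignee <client-id> --all -o json`. The function names, the sample data and the placeholder subscription ID are assumptions, and it assumes the app is used for this one subscription only.

```python
import json

REQUIRED_ROLE = "Security Reader"  # the role assigned in section 3.3
# Placeholder subscription scope (constructed, not a real subscription ID).
SUB_SCOPE = "/subscriptions/00000000-0000-0000-0000-000000000000"

# Constructed sample shaped like the output of
# `az role assignment list --assignee <client-id> --all -o json`.
SAMPLE = json.dumps([
    {"principalType": "ServicePrincipal",
     "roleDefinitionName": "Security Reader", "scope": SUB_SCOPE},
    {"principalType": "ServicePrincipal",
     "roleDefinitionName": "Contributor",
     "scope": SUB_SCOPE + "/resourceGroups/rg-demo"},
])


def norm(scope):
    """Azure scopes are case-insensitive; drop any trailing slash too."""
    return scope.rstrip("/").lower()


def audit_assignments(raw_json, subscription_scope, required=REQUIRED_ROLE):
    """Return (has_required, extras) for one principal.

    has_required: `required` is assigned at exactly the subscription scope.
    extras: sorted (role, scope) pairs for every other assignment, i.e.
            access beyond what the connector needs. The required role at
            a broader scope (root or management group) also lands here.
    """
    target = norm(subscription_scope)
    has_required, extras = False, []
    for entry in json.loads(raw_json):
        role = entry.get("roleDefinitionName", "")
        scope = entry.get("scope", "")
        if role == required and norm(scope) == target:
            has_required = True
        else:
            extras.append((role, scope))
    return has_required, sorted(extras)


if __name__ == "__main__":
    ok, extras = audit_assignments(SAMPLE, SUB_SCOPE)
    print("Security Reader at subscription scope:", ok)
    for role, scope in extras:
        print("unexpected assignment:", role, "at", scope)
```

Any entry reported as unexpected is a candidate for removal under "Access control (IAM)" before the Client Secret is handed to the connector.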