Skip to main content

Azure Integration

Learn how to configure your Azure instance and import data into Ardoq.

Kristine Marhilevica avatar
Written by Kristine Marhilevica
Updated over 7 months ago

Ardoq Support for Microsoft Azure Resources

Ardoq supports importing a wide range of Microsoft Azure resources. Please use the dropdown below to see which Microsoft Azure resources we support.

Click the small black arrow to open the dropdown menu.

Supported Resources

Analysis service servers

App Service Plans

Availability sets

Disks

Hybrid machines

Load balancers

Locations

Managed clusters

Management groups

Microsoft SQL databases

Microsoft SQL managed databases

Microsoft SQL managed instances

Microsoft SQL servers

Network security groups

Network security rules

Resource groups

SQL databases

SQL servers

SQL virtual clusters

SQL virtual machines

Subscriptions

Tag values

Tags

Virtual machine extensions

Virtual machines

Virtual network subnets

Virtual networks

Zones

microsoft.aad/domainservices

microsoft.alertsmanagement/actionrules

microsoft.alertsmanagement/smartdetectoralertrules

microsoft.analysisservices/servers

microsoft.appconfiguration/configurationstores

microsoft.cache/redis

microsoft.cdn/profiles

microsoft.cognitiveservices/accounts

microsoft.compute/availabilitysets

microsoft.compute/diskencryptionsets

microsoft.compute/disks

microsoft.compute/galleries

microsoft.compute/images

microsoft.compute/proximityplacementgroups

microsoft.compute/snapshots

microsoft.compute/virtualmachines

microsoft.compute/virtualmachinescalesets

microsoft.containerinstance/containergroups

microsoft.containerregistry/registries

microsoft.containerservice/containerservices

microsoft.containerservice/managedclusters

microsoft.databox/jobs

microsoft.databricks/workspaces

microsoft.datafactory/factories

microsoft.datalakeanalytics/accounts

microsoft.datalakestore/accounts

microsoft.datashare/accounts

microsoft.dbformariadb/servers

microsoft.dbformysql/servers

microsoft.dbforpostgresql/servers

microsoft.deploymentmanager/servicetopologies

microsoft.deploymentmanager/steps

microsoft.devops/pipelines

microsoft.devtestlab/labs

microsoft.documentdb/databaseaccounts

microsoft.domainregistration/domains

microsoft.eventgrid/domains

microsoft.eventgrid/topics

microsoft.eventhub/clusters

microsoft.eventhub/namespaces

microsoft.hanaonazure/hanainstances

microsoft.hanaonazure/sapmonitors

microsoft.hdinsight/clusters

microsoft.healthcareapis/services

microsoft.hybridcompute/machines

microsoft.hybriddata/datamanagers

microsoft.importexport/jobs

microsoft.insights/actiongroups

microsoft.insights/activitylogalerts

microsoft.insights/alertrules

microsoft.insights/autoscalesettings

microsoft.insights/components

microsoft.insights/metricalerts

microsoft.insights/privatelinkscopes

microsoft.insights/webtests

microsoft.keyvault/vaults

microsoft.kusto/clusters

microsoft.labservices/labaccounts

microsoft.logic/integrationaccounts

microsoft.logic/integrationserviceenvironments

microsoft.logic/workflows

microsoft.machinelearning/commitmentplans

microsoft.machinelearning/webservices

microsoft.machinelearningservices/workspaces

microsoft.maintenance/maintenanceconfigurations

microsoft.managedidentity/userassignedidentities

microsoft.maps/accounts

microsoft.media/mediaservices

microsoft.migrate/projects

microsoft.mixedreality/remoterenderingaccounts

microsoft.mixedreality/spatialanchorsaccounts

microsoft.network/applicationgateways

microsoft.network/applicationsecuritygroups

microsoft.network/azurefirewalls

microsoft.network/bastionhosts

microsoft.network/ddosprotectionplans

microsoft.network/expressroutecircuits

microsoft.network/expressroutegateways

microsoft.network/expressrouteports

microsoft.network/firewallpolicies

microsoft.network/frontdoors

microsoft.network/ipgroups

microsoft.network/loadbalancers

microsoft.network/localnetworkgateways

microsoft.network/natgateways

microsoft.network/networkexperimentprofiles

microsoft.network/networkinterfaces

microsoft.network/networkprofiles

microsoft.network/networksecuritygroups

microsoft.network/networkwatchers

microsoft.network/p2svpngateways

microsoft.network/privateendpoints

microsoft.network/privatelinkservices

microsoft.network/publicipaddresses

microsoft.network/publicipprefixes

microsoft.network/routefilters

microsoft.network/routetables

microsoft.network/serviceendpointpolicies

microsoft.network/virtualhubs

microsoft.network/virtualnetworkgateways

microsoft.network/virtualnetworks

microsoft.network/virtualnetworktaps

microsoft.network/virtualrouters

microsoft.network/virtualwans

microsoft.network/vpngateways

microsoft.network/vpnsites

microsoft.notificationhubs/namespaces

microsoft.operationalinsights/clusters

microsoft.operationsmanagement/solutions

microsoft.peering/peerings

microsoft.peering/peeringservices

microsoft.portal/dashboards

microsoft.powerbidedicated/capacities

microsoft.recoveryservices/vaults

microsoft.relay/namespaces

microsoft.resources/deploymentscripts

microsoft.scheduler/jobcollections

microsoft.security/automations

microsoft.servicebus/namespaces

microsoft.servicefabric/clusters

microsoft.signalrservice/signalr

microsoft.solutions/applicationdefinitions

microsoft.solutions/applications

microsoft.solutions/jitrequests

microsoft.sql/instancepools

microsoft.sql/managedinstances

microsoft.sql/servers

microsoft.sql/virtualclusters

microsoft.sqlvirtualmachine/sqlvirtualmachinegroups

microsoft.sqlvirtualmachine/sqlvirtualmachines

microsoft.storage/storageaccounts

microsoft.storagecache/caches

microsoft.storagesync/storagesyncservices

microsoft.storsimple/managers

microsoft.streamanalytics/streamingjobs

microsoft.web/certificates

microsoft.web/connectiongateways

microsoft.web/connections

microsoft.web/customapis

Note: It is recommended to select only the resource types that you will be using as it will be much faster to load your data.

Setting Up — Microsoft Azure

Application Configuration

  1. ​Add the Ardoq application to your Azure tenant

  2. Go to Enterprise applications, select the Ardoq application you added, and copy its Application ID

PowerShell Configuration

  1. Open PowerShell and log in with the az login command

  2. Assign a role for the Ardoq application with the scope you want for permissions:

    1. For example, if you want to grant the Reader role permission for your subscription, use the following command:

      az role assignment create --assignee <your_application_id> --role Reader --scope /subscriptions/<your_subscription_id>

    2. If you want to use multiple subscriptions, you will need to execute the above command for each subscription ID.

Setting Up — Ardoq

  1. Go to the main menu and select Home > Import and integrations

  2. Select Azure

  3. Go to the Connections tab and click Create new connection

  4. Fill in your connection credentials based on your Microsoft Azure details

  5. Click Create connection to finalize the configuration

Importing from Azure

To create a new import, click Create new import in the top right corner.

On the first step of the import, please select what connection you would like to use, then select the location(s) of the servers and subscription(s). Finally, please select the resource groups and resource types you would like to import.

Click on the Next button in the bottom right corner of the page to configure your data.

Select a table to configure its columns, and navigate to Components. Although all Azure tables contain components, references can be created using column configurations. Select the Ardoq workspace to import the table into. You can either select an existing workspace or type a name to create a new one. Configure the columns to map the values to the correct Ardoq concepts.

Click the Review Import button to get a summary of what the import result will be. Finally, click the Import My Data button to execute the actual import.


FAQ

Why does the Resource Groups preview show all resource groups even though I have selected only a single resource group?

The Resource Group type is considered a special case as it will list all resource groups that the role has access to regardless of which type you have selected.


​Unable to authenticate while setting up the integration

For secret-based authentication, please create an app in your tenant.

Note: Currently users with a role of admin can only configure the integration.

The following instruction should be relevant but can be a little outdated in a part of navigation to different Azure sections. In general, you should follow documentation by Microsoft.

One of the ways to set up is to create a secret and assign a Reader role at the subscription level as follows:

  1. Log in to Azure portal.

  2. Open the App registration section and add a new app and name it “Ardoq integration”.

  3. Open Authentication and create a Secret. After that, we can log in, but a list of regions and so on will be empty. We can only log in, but we won't have access to data. For this we'll need to assign the Reader role on the subscription level:

    1. Open Subscriptions and click Subscription

    2. Open Access control

    3. Click Add in the Role assignment section, and assign the following 3 fields to assign:

      1. Role: Reader

      2. Assign access to: Azure AD user, group or service principal (it is the default value)

      3. Select the application we created before

      4. Click Save. It may take some seconds for Azure to save changes, after that it should be possible to log in and read regions in Ardoq

Related Articles
User Management with Single Sign-on
Setting up Single Sign-on using SAML
Single Sign-on with Azure Active Directory (Microsoft Entra ID)
Microsoft Entra ID Integration
How to map Microsoft Azure resources to Ardoq Solutions
Did this answer your question?