Azure Integration

Add Access Policy for Key Vault Attributes

To run certain rules successfully in the Conformity platform, you need to grant Trend Micro Cloud One™ – Conformity permission to list Key Vault attributes and secrets in your Azure account.

To set up the access policy:

  1. From Azure Home, go to Key Vaults.
  2. Navigate to the vault containing the keys and secrets that you want the rule to monitor.
  3. Go to the Access policies section and click the +Add Access policy button.
  4. To set up Key permissions:
    1. For Key permissions, select List from the dropdown.
    2. Under Key Management Operations, select List.
  5. To set up Secret permissions:
    1. For Secret permissions, select List from the dropdown.
    2. Under Secret Management Operations, select List.
  6. To set up Certificate permissions:
    1. For Certificate permissions, select List from the dropdown.
    2. Under Certificate Management Operations, select List.
  7. As the Principal, select the App registration that you set up in the Setup an Azure App registration step.
  8. Click Select in the bottom right corner.
  9. Click Add.
  10. Click Save on the next page.

Once you save the changes, a notification is displayed in the top right corner of the screen confirming the key vault update.

Firewall-Enabled Key Vaults

For Key Vaults that have the firewall enabled, you need to add Conformity's IPv4 addresses to the firewall so that the API calls Conformity makes for Key Vault rules are allowed.

  1. From Azure Home, go to Key Vaults.
  2. Navigate to the vault containing the keys and secrets that you want the rule to monitor.
  3. Go to the Networking section in the left navigation.
  4. Under the Firewall section, add the following IPv4 addresses or CIDR blocks:

us-west-2 (Oregon): 34.210.51.120, 34.211.72.71

ap-southeast-2 (Sydney): 52.65.53.114, 54.153.192.180

eu-west-1 (Ireland): 34.251.80.176, 52.214.29.244

ca-central-1 (Canada): 15.222.199.214, 3.96.40.99

ap-southeast-1 (Singapore): 54.255.49.223, 18.139.50.58

eu-central-1, CloudOne Germany (de-1): 3.68.155.86, 35.157.123.83

ap-northeast-1, CloudOne Japan (jp-1): 35.72.45.89, 54.95.48.132
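
The following Python check is an added example, not part of the Conformity documentation. It audits a vault description against both procedures above: the Conformity principal should hold List on keys, secrets and certificates and nothing more, and a firewall-enabled vault should allow the listed addresses. Assumptions: the JSON shape matches `az keyvault show` output for a vault that uses access policies, the object ID and sample vault are constructed placeholders, and the us-west-2 addresses stand in for your region.

```python
import ipaddress

# Conformity source addresses for us-west-2 (Oregon), as listed on this page.
REQUIRED_IPS = ["34.210.51.120", "34.211.72.71"]
# The steps above grant List only; anything else is reported as excess.
ALLOWED = {"keys": {"list"}, "secrets": {"list"}, "certificates": {"list"}}


def audit_vault(vault, principal_object_id, required_ips=REQUIRED_IPS):
    """Return findings; an empty list means the vault matches the setup above."""
    findings = []
    props = vault.get("properties", {})

    # 1. Access policy for the Conformity App registration's principal.
    policy = next((p for p in props.get("accessPolicies", [])
                   if p.get("objectId") == principal_object_id), None)
    if policy is None:
        findings.append("no access policy for principal")
    else:
        perms = policy.get("permissions", {})
        for kind, allowed in ALLOWED.items():
            granted = {p.lower() for p in perms.get(kind) or []}
            if "list" not in granted:
                findings.append(f"{kind}: missing list")
            if granted - allowed:
                findings.append(f"{kind}: excess permissions {sorted(granted - allowed)}")

    # 2. Firewall: the addresses only need allowing when the default action is Deny.
    acls = props.get("networkAcls") or {}
    if str(acls.get("defaultAction", "Allow")).lower() == "deny":
        nets = [ipaddress.ip_network(r["value"], strict=False)
                for r in acls.get("ipRules") or []]
        for ip in required_ips:
            if not any(ipaddress.ip_address(ip) in n for n in nets):
                findings.append(f"firewall: {ip} not allowed")
    return findings


# Constructed sample shaped like `az keyvault show` output (assumed shape, not real data).
OID = "00000000-0000-0000-0000-000000000001"  # placeholder principal object ID
SAMPLE_VAULT = {"properties": {
    "accessPolicies": [{"objectId": OID, "permissions": {
        "keys": ["list"], "secrets": ["list", "get"], "certificates": ["list"]}}],
    "networkAcls": {"defaultAction": "Deny",
                    "ipRules": [{"value": "34.210.51.120/32"}]}}}

if __name__ == "__main__":
    print("\n".join(audit_vault(SAMPLE_VAULT, OID)))
```

The sample deliberately carries one extra secret permission and one missing firewall entry, so both kinds of finding appear when the script is run.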