
Microsoft Defender for Cloud

Pull Defender for Cloud recommendations. Lighter-scope than the full Azure connection — needs only Security Reader on the subscriptions you want scanned.

Connect with Service Principal

Auth mode: ServicePrincipal · scope: Security Reader

How you'll see this source in the list.

Microsoft Entra ID → Overview → Tenant ID.

App registration → Overview → Application (client) ID.

Certificates & secrets → New client secret → copy the Value column.

Comma-separated subscription IDs. Blank = every subscription the Security Reader scope sees.

Credentials are encrypted at rest with AES-GCM. Never logged.

What you'll need

Tenant ID — Microsoft Entra ID directory id.

Client ID — App Registration Application (client) ID.

Client Secret — secret value (not its ID).

Security Reader role on every subscription you want pulled.

Reuse the Azure SP if it already has Security Reader — VinTekh stores each connector's credentials separately so rotation is independent.

One-line bootstrap

Run once in Cloud Shell

SUB=$(az account show --query id -o tsv)
az ad sp create-for-rbac \
  --name VinTekh-Defender \
  --role "Security Reader" \
  --scopes /subscriptions/$SUB
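
Added example, not VinTekh's own code: the bootstrap above grants the role on one subscription, so this extends it to the comma-separated subscription list the connector accepts and then checks that the service principal holds nothing beyond Security Reader. The function names are hypothetical, and `<APP_ID>` is a placeholder for the Application (client) ID.

```sh
#!/bin/sh
# build_scopes "id1, id2" prints "/subscriptions/id1 /subscriptions/id2".
# Fails on an empty list or a malformed ID, so a typo never reaches --scopes.
build_scopes() (
  guid='^[0-9a-fA-F]{8}-([0-9a-fA-F]{4}-){3}[0-9a-fA-F]{12}$'
  out=""
  set -f                      # no globbing while the list is split
  IFS=','
  for id in $1; do
    id=$(printf '%s' "$id" | tr -d '[:space:]')   # tolerate "a, b"
    [ -n "$id" ] || continue
    printf '%s\n' "$id" | grep -Eq "$guid" ||
      { echo "not a subscription GUID: $id" >&2; exit 1; }
    out="${out:+$out }/subscriptions/$id"
  done
  [ -n "$out" ] || exit 1     # role creation needs an explicit scope
  printf '%s\n' "$out"
)

# create_reader_sp "id1,id2": one service principal, Security Reader on
# each listed subscription and nowhere else.
create_reader_sp() {
  scopes=$(build_scopes "$1") || return 1
  # Unquoted on purpose: --scopes takes a space-separated list.
  az ad sp create-for-rbac --name VinTekh-Defender \
    --role "Security Reader" --scopes $scopes
}

# audit_roles reads "role<TAB>scope" lines on stdin, prints every
# assignment that is not Security Reader, and fails if any exist.
audit_roles() (
  tab=$(printf '\t'); bad=0
  while IFS="$tab" read -r role scope; do
    [ -n "$role" ] || continue
    if [ "$role" != "Security Reader" ]; then
      printf 'unexpected role: %s on %s\n' "$role" "$scope"
      bad=1
    fi
  done
  exit "$bad"
)

# Live use, per subscription context:
#   az role assignment list --assignee <APP_ID> --all \
#     --query "[].[roleDefinitionName, scope]" -o tsv | audit_roles
```

Run `audit_roles` before reusing an existing Azure service principal for this connector: any line it prints is access the Defender connection does not need.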