https://live.paloaltonetworks.com/t5/general-topics/prisma-cloud-azure-active-directory-resources-not-being-ingested/m-p/577581#M115896 <P>I've completed the setup successfully as the review status after following through the necessary steps of onboarding Azure Active Directory shows the Asset Configuration as "<STRONG>Successful".&nbsp;</STRONG>This was achieved after assigning the necessary API permissions inside of app registrations in Azure Cloud as guided by the documentation.<BR /><BR /></P> <P>The issue, however, lies in whether Prisma Cloud ingests resources i.e. related to Active Directory "Roles and Administrators" or "Identity Protection" (located inside of Azure Entra ID Security Center and other such Security Center resources) or even "Users Password Reset". The resources located specifically in under these services are not being ingested to Prisma Cloud otherwise almost most of Azure AD seems to have been ingested.<BR /><BR /></P> <P>There are even partial ingestions for example, inside of User Settings, Default User Role Permissions is ingested onto Prisma Cloud but not "LinkedIn account connections" or "Administration Center" or “Show keep user signed-in”. There is no issue regarding resource configuration either, rather I have concerns surrounding Prisma's support for ingesting these specific settings/resources which are essential for policy making.&nbsp;For Azure AD Policies to be created, I need these resources to ensure security best practice is implemented. However, currently am facing a hindrance. I’ve covered policies relating to Conditional Access Policies with ease and similar others so as well for reference.</P> Sat, 17 Feb 2024 18:07:08 GMT AJohri 2024-02-17T18:07:08Z https://live.paloaltonetworks.com/t5/general-topics/prisma-cloud-azure-active-directory-resources-not-being-ingested/m-p/577544#M115884 <P><SPAN>I have provided Prisma Cloud with all the necessary API Permissions and more, along with granting the necessary roles needed to view Azure Active Directory Security Settings. The issue lies in resources showing up in Prisma Cloud itself when queried, e.g Identity Protection related resources or Active Directory Roles and Administrators or even Password Reset Policies. I want to inquire what more I should carry out to ensure proper ingestion of these resources i.e where could I have gone wrong?</SPAN></P> Fri, 16 Feb 2024 19:00:10 GMT https://live.paloaltonetworks.com/t5/general-topics/prisma-cloud-azure-active-directory-resources-not-being-ingested/m-p/577544#M115884 AJohri 2024-02-16T19:00:10Z https://live.paloaltonetworks.com/t5/general-topics/prisma-cloud-azure-active-directory-resources-not-being-ingested/m-p/577565#M115890 <P><a href="https://live.paloaltonetworks.com/t5/user/viewprofilepage/user-id/296928">@AJohri</a>,</P> <P>Without knowing what process you followed it's a little hard to help really. Have you gone through <A href="https://docs.prismacloud.io/en/classic/cspm-admin-guide/connect-your-cloud-platform-to-prisma-cloud/onboard-your-azure-account/connect-azure-tenant" target="_self">the docs</A>&nbsp;around getting all of this setup? If it was a permissions issue you should be able to validate that by looking at Setting &gt; Cloud Accounts and looking at Status. The terraform script is highly recommended here, but you can go through and do it manually as well (requirements are in the Azure Application Permissions page) if you don't utilize Terraform.&nbsp;</P> <P><BR />Walking through the docs should get you to the finish line however. If you&nbsp; aren't getting anything ingested it just sounds like the process isn't fully walked through yet and you're missing a couple steps.&nbsp;</P> Sat, 17 Feb 2024 05:10:44 GMT https://live.paloaltonetworks.com/t5/general-topics/prisma-cloud-azure-active-directory-resources-not-being-ingested/m-p/577565#M115890 BPry 2024-02-17T05:10:44Z https://live.paloaltonetworks.com/t5/general-topics/prisma-cloud-azure-active-directory-resources-not-being-ingested/m-p/577581#M115896 <P>I've completed the setup successfully as the review status after following through the necessary steps of onboarding Azure Active Directory shows the Asset Configuration as "<STRONG>Successful".&nbsp;</STRONG>This was achieved after assigning the necessary API permissions inside of app registrations in Azure Cloud as guided by the documentation.<BR /><BR /></P> <P>The issue, however, lies in whether Prisma Cloud ingests resources i.e. related to Active Directory "Roles and Administrators" or "Identity Protection" (located inside of Azure Entra ID Security Center and other such Security Center resources) or even "Users Password Reset". The resources located specifically in under these services are not being ingested to Prisma Cloud otherwise almost most of Azure AD seems to have been ingested.<BR /><BR /></P> <P>There are even partial ingestions for example, inside of User Settings, Default User Role Permissions is ingested onto Prisma Cloud but not "LinkedIn account connections" or "Administration Center" or “Show keep user signed-in”. There is no issue regarding resource configuration either, rather I have concerns surrounding Prisma's support for ingesting these specific settings/resources which are essential for policy making.&nbsp;For Azure AD Policies to be created, I need these resources to ensure security best practice is implemented. However, currently am facing a hindrance. I’ve covered policies relating to Conditional Access Policies with ease and similar others so as well for reference.</P> Sat, 17 Feb 2024 18:07:08 GMT https://live.paloaltonetworks.com/t5/general-topics/prisma-cloud-azure-active-directory-resources-not-being-ingested/m-p/577581#M115896 AJohri 2024-02-17T18:07:08Z