Azure environments - Adaptive Applications - BlueCat Gateway - 21.3.1

Cloud Discovery & Visibility Administration Guide

Product name
BlueCat Gateway

Before you begin

Ensure that the following requirements are met:
  • You must be running Address Manager v9.1.0 or greater
  • You must have an Azure account to retrieve the Azure data with the following permissions set:
    • Common permissions for virtual networks, load balancers, DNS zones, and private DNS Zones:
      • "Microsoft.Authorization/*/read"
      • "Microsoft.Resources/subscriptions/resourceGroups/read"
      • "Microsoft.Resources/deployments/*"
      • "Microsoft.Compute/*/read"
      • "Microsoft.ClassicCompute/*/read"
      • "Microsoft.Network/*/read"
      • "Microsoft.ClassicNetwork/*/read"
      • "Microsoft.Storage/*/read"
    • Role permissions
    • Allows for full access to Azure Service Bus resources (BuiltinRole)
      • "Microsoft.ServiceBus/*"
        Attention: You must not enable the subscription policy to deny "Microsoft.ServiceBus/namespaces". If the subscription policy to deny "Microsoft.ServiceBus/namespaces" is enabled, the following message might appear in the Cloud Discovery & Visibility Azure UI when using the visibility feature:
        [ERROR] Something wrong when get Service Bus HT-PoC
    • Manage EventGrid event subscription operations (BuiltinRole)
      • "Microsoft.Authorization/*/read"
      • "Microsoft.EventGrid/eventSubscriptions/*"
      • "Microsoft.EventGrid/topicTypes/eventSubscriptions/read"
      • "Microsoft.EventGrid/locations/eventSubscriptions/read"
      • "Microsoft.EventGrid/locations/topicTypes/eventSubscriptions/read"
      • "Microsoft.Insights/alertRule/*"
      • "Microsoft.Resources/deployments/*"
      • "Microsoft.Resources/subscriptions/resourceGroups/read"
      • "Microsoft.Support/*"
    • Monitoring Reader (BuiltinRole)
      • "*/read"
      • "Microsoft.OperationalInsights/workspaces/search/action"
      • "Microsoft.Support/*"