Configure an Azure Cloud Account

Configure a Cloud Account

Requirements

Export Activity Logs to an Azure Log Activity Workspace

  • Open the Azure Console and login to the relevant tenant

  • Go to the Activity Log service

  • Follow Azure official procedure to send the activity logs to a Log Analytics Workspace

    • env0 reads and uses the Administrative logs only:

Grant permissions to env0 via OIDC

  • Open the Azure Console and login to the relevant tenant
  • Go to the Microsoft Entra ID service
  • Follow this procedure to configure a proper App registration
  • After the App registration is created, Go to the Log Analytics Workspaces service
  • Select the relevant Log Analytics Workspace, and select Access Control (IAM) from the left pane menu
  • Click + Add and select Add role assignment
  • Add the Log Analytics Reader permission to the relevant App registration