Run an Azure PowerShell Script to Obtain Account Information
- In the Azure portal, open a terminal window to the PowerShell.
- Upload the script you downloaded in Step 4 of Authorize an Azure Tenant: In the Azure portal choose Manage Files > Upload, and choose the file.
- Azure will display a message reporting Successfully uploaded a file and show the location and file name; note this information before dismissing the message.
- In the terminal window, set your current directory to the location of the uploaded file.
- To run the script, at the caret prompt (>) in the terminal window, enter ./AzureOnboarding.ps1.
- The script will prompt you to log into a web browser at https://microsoft.com/deviceLogin, and provide you with a code to authenticate. (If you get an error indicating you are already signed in, log out and log back in again.)
- After initiating the login process, return to the terminal window.
- The login process will present you with a numbered list of subscriptions available to you. (The subscription provides the environment where Azure will create resources needed to onboard Azure Storage for Secure Access DLP protection.) Enter the number corresponding to the subscription you want to work in, or press enter to use the default subscription, indicated with an asterisk.
- The script will present a list of available subscriptions. Enter the name of the same subscription you chose during the login process in the previous step.
- The script will present a list of Resource Groups available within the subscription you have chosen, and prompt you to enter the name of the Resource Group you want to use. This is where the resources needed for onboarding will reside.
- For each Storage Account associated your subscription, the script will offer you the chance to add that Storage Account to the list of Storage Accounts with data to be scanned by Secure Access DLP. When presented with each Storage Account name, press Enter to add that account to the list, or Escape to skip that account. Azure will display messages confirming your choices. The script then proceeds to create the resources needed to support Secure Access DLP.
- When the script has completed processing, it will display an Account ID, a Client ID, and Client Secret. Copy that information and return to Step 5 in Authorize an Azure Tenant .