Skip to main content

Check out Port for yourself ➜ 

Azure

Loading version...

Our integration with Azure provides the ability to export your Azure resources to Port, according to your configuration. After the initial import of data, the integration will also listen to live events from Azure to update data inside Port in real time.

Supported resources SubscriptionResource GroupContainer AppStorage AccountVirtual MachineManaged ClusterLoad Balancer
Open source

Port's Azure exporter is open source, view the source code here.

Common use cases

Our Azure integration makes it easy to fill the software catalog with data directly from your Azure subscription, for example:

  • Map resources from your Azure subscriptions, such as AKS, Storage Accounts, Container Apps, Load Balancers and other Azure resources.
  • Watch for Azure object changes (create/update/delete) in real-time, and automatically apply the changes to your entities in Port.
  • Configure relations to other resources in your organization to create complete, easily digestible views of your resources and their relationships inside Port.

Setup

Choose one of the following installation methods: Not sure which method is right for your use case? Check the available installation methods.

Sync approaches

Port offers two approaches for synchronizing Azure resources:

Azure REST exporterAzure resource graph exporter
Sync methodFull resource scan via Azure Resource Manager (ARM) REST APIFast sync via Azure Resource Graph
Real-time updatesYes — via Azure Event Grid (Terraform deployment only)No
DeploymentHelm, Docker, or ContainerAppHelm, Docker, or ContainerApp
Best forComprehensive resource visibility with full schemas and real-time Event Grid notificationsSpeed and efficiency at massive scale (thousands of subscriptions)
Choosing the right approach

Choose the Azure REST exporter when you need the full resource schema or real-time Event Grid notifications. Choose the Azure resource graph exporter when syncing at scale is the priority and you don't need Event Grid infrastructure.

Ingest Azure resources

The Azure exporter can retrieve all the resources supported by the Azure Resource Manager REST API, and export them to Port as entities of existing blueprints.

For examples on how to map resources head to the resource templates page.

Configuration

Port integrations use a YAML mapping block to ingest data from the third-party api into Port.

The mapping makes use of the JQ JSON processor to select, modify, concatenate, transform and perform other operations on existing fields and values from the integration API.

Default mapping configuration

This is the default mapping configuration you get after installing the Azure integration.

Default mapping configuration (click to expand)
resources:
- kind: subscription
  selector:
    query: 'true'
    apiVersion: '2022-09-01'
  port:
    entity:
      mappings:
        identifier: .id
        title: .display_name
        blueprint: '"azureSubscription"'
        properties:
          tags: .tags
- kind: Microsoft.Resources/resourceGroups
  selector:
    query: 'true'
    apiVersion: '2022-09-01'
  port:
    entity:
      mappings:
        identifier: .id | split("/") | .[3] |= ascii_downcase |.[4] |= ascii_downcase
          | join("/")
        title: .name
        blueprint: '"azureResourceGroup"'
        properties:
          location: .location
          provisioningState: .properties.provisioningState + .properties.provisioning_state
          tags: .tags
        relations:
          subscription: .id | split("/") | .[1] |= ascii_downcase |.[2] |= ascii_downcase
            | .[:3] |join("/")
- kind: Microsoft.App/containerApps
  selector:
    query: 'true'
    apiVersion: '2022-03-01'
  port:
    entity:
      mappings:
        identifier: .id | split("/") | .[3] |= ascii_downcase |.[4] |= ascii_downcase
          | join("/")
        title: .name
        blueprint: '"azureCloudResource"'
        properties:
          location: .location
          type: .type
          tags: .tags
        relations:
          resource_group: .id | split("/") | .[3] |= ascii_downcase |.[4] |= ascii_downcase
            | .[:5] |join("/")
- kind: Microsoft.Storage/storageAccounts
  selector:
    query: 'true'
    apiVersion: '2023-01-01'
  port:
    entity:
      mappings:
        identifier: .id | split("/") | .[3] |= ascii_downcase |.[4] |= ascii_downcase
          | join("/")
        title: .name
        blueprint: '"azureCloudResource"'
        properties:
          location: .location
          type: .type
          tags: .tags
        relations:
          resource_group: .id | split("/") | .[3] |= ascii_downcase |.[4] |= ascii_downcase
            | .[:5] |join("/")
- kind: Microsoft.Compute/virtualMachines
  selector:
    query: 'true'
    apiVersion: '2023-03-01'
  port:
    entity:
      mappings:
        identifier: .id | split("/") | .[3] |= ascii_downcase |.[4] |= ascii_downcase
          | join("/")
        title: .name
        blueprint: '"azureCloudResource"'
        properties:
          location: .location
          type: .type
          tags: .tags
        relations:
          resource_group: .id | split("/") | .[3] |= ascii_downcase |.[4] |= ascii_downcase
            | .[:5] |join("/")
- kind: Microsoft.ContainerService/managedClusters
  selector:
    query: 'true'
    apiVersion: '2023-05-01'
  port:
    entity:
      mappings:
        identifier: .id | split("/") | .[3] |= ascii_downcase |.[4] |= ascii_downcase
          | join("/")
        title: .name
        blueprint: '"azureCloudResource"'
        properties:
          location: .location
          type: .type
          tags: .tags
        relations:
          resource_group: .id | split("/") | .[3] |= ascii_downcase |.[4] |= ascii_downcase
            | .[:5] |join("/")
- kind: Microsoft.Network/loadBalancers
  selector:
    query: 'true'
    apiVersion: '2023-02-01'
  port:
    entity:
      mappings:
        identifier: .id | split("/") | .[3] |= ascii_downcase |.[4] |= ascii_downcase
          | join("/")
        title: .name
        blueprint: '"azureCloudResource"'
        properties:
          location: .location
          type: .type
          tags: .tags
        relations:
          resource_group: .id | split("/") | .[3] |= ascii_downcase |.[4] |= ascii_downcase
            | .[:5] |join("/")

Mapping & examples per resource

Use the explorer below to view the mapping and blueprint definition for each resource type. For additional resources and advanced configurations, see the resource templates page.

Monitoring and sync status

To learn more about how to monitor and check the sync status of your integration, see the relevant documentation.

FAQ: Multiple subscriptions support

How do I configure the Azure exporter to ingest resources from multiple subscriptions? (click to expand)

To configure the Azure exporter to ingest resources from other subscriptions, follow these steps:

  1. Navigate to the Subscription:

    • Go to the Azure portal and select the subscription you want to ingest resources from.

  2. Assign Permissions:

    • In the subscription's Access control (IAM) section, go to the Role assignment tab.
    • Choose the appropriate role for the managed identity responsible for the integration.
    • Assign this role to the managed identity associated with the integration.

  3. Repeat the Process:

    • Repeat the above steps for each subscription you wish to include.
How do I set up real-time data ingestion from multiple subscriptions? (click to expand)

You can use the Terraform deployment method with Event Grid, you will need to set up an Event Grid System Topic and an Event Grid Subscription in each subscription you want to ingest resources from. The system topic should be of type Microsoft.Resources.Subscriptions. Refer to the Azure Integration example for more information.

Next steps