Import Azure settings into FortiSandbox
In FortiSandbox v3.2.0 and higher, you can import Azure settings using the Account Authentication method or the Service Principal method.
Import using Account Authentication
To import Azure account authentication:
- Go to the FortiSandbox GUI.
- Click System > Azure Config.
The Azure email account should be the Owner of the resource group of FortiSandbox.
- Click Test Connection to verify the connection is accessible and authentication is valid.
- Click Submit.
Import using Service Principal
To import the Azure settings using Service Principal, get the client and tenant IDs from the Azure portal and then enter them into FortiSandbox using the GUI.
Requirements:
To get client and tenant IDs in the Azure portal:
- In the Azure portal, go to Azure Active Directory > App registrations and locate the service principal information in the application you created.
For information, see (Optional) Create an App registration.
- Go to Manage > Certificates & Secrets. The service principal information is located in the Application (client) ID and Directory (tenant) ID fields.
To import Azure service principal in FortiSandbox:
- In FortiSandbox, go to System > Azure Config.
- In FortiSandbox, enter the following Azure configuration settings and then click Submit.
Client id
Enter the Application (client) ID from the Azure portal.
Client Secret
Enter the client secret.
Location
The location you used to set up the resource group.
Tenant id
Enter the Directory (tenant) ID from the Azure portal.
Subscription ID
Your subscription ID.
Resource group
Resource group.
Storage account
Storage account name.
Storage account access key
Storage account access key.
Monitor storage account
Monitor account name.
Monitor account access key
Monitor account access key.
Network security group
The security group you created for FortiSandbox port2.
Virtual network
Name of the virtual network you created.
Subnet
Use the subnet created for the local Windows or Linux VM communication (port2) if one exists. Otherwise, select the management subnet.
VM Type
The VM type of custom VM clone(s).
Minimum: Standard_B2ms
Recommended: Standard_B2ms