LogoLogo
Login to CortexBook a DemoCortex Academycortex.io
  • Cortex Docs
  • Cortex Quick Start
  • Ingesting data into Cortex
    • Managing Entities
      • Adding entities
        • Add services
        • Add domains
        • Add teams
        • Add custom entity types
        • Defining dependencies
      • Entity details page
      • Defining ownership
      • Defining relationship types
      • Grouping entities
      • Adding external documentation
      • Adding Deploy data
      • Adding custom data
      • Viewing discovered entities
      • Archiving entities
      • Relationship graph
      • Using On-call Assistant for incidents
      • Managing Terraform infra in Cortex
    • Managing Catalogs
    • Integrations
      • Internally hosted integrations
      • ArgoCD
      • AWS
      • Azure DevOps
      • Azure Resources
      • BambooHR
      • Bitbucket
      • BugSnag
      • Buildkite
      • Checkmarx
      • CircleCI
      • ClickUp
      • Codecov
      • Coralogix
      • Custom webhook integrations
      • Datadog
      • Dynatrace
      • Entra ID (Azure AD)
      • FireHydrant
      • GitHub
      • GitLab
      • Google
      • Grafana
      • incident.io
      • Instana
      • Jenkins
      • Jira
      • Kubernetes
      • LaunchDarkly
      • Lightstep
      • Mend
      • Microsoft Teams
      • New Relic
      • Okta
      • Opsgenie
      • PagerDuty
      • Prometheus
      • Rollbar
      • Rootly
      • Sentry
      • ServiceNow
      • Slack
      • Snyk
      • SonarQube
      • Splunk Observability Cloud (SignalFx)
      • Splunk On-Call (VictorOps)
      • Sumo Logic
      • Veracode
      • Wiz
      • Workday
      • xMatters
  • Scorecards
    • Initiatives and Action items
      • Creating issues based on Initiatives
    • Scorecard rule exemptions
    • Scorecard rule filters
    • Scorecard examples
    • Scorecards as code
  • Reports
    • Executive report
    • All Scorecards report
    • Bird's eye report
    • Progress report
    • Report card
  • Eng Intelligence
    • Custom Metrics
    • Jira Metrics
    • Metrics Explorer (Beta)
  • Cortex Query Language (CQL)
    • Using CQL reports
    • Using JQ in Cortex
  • Workflows
    • Creating a Workflow
      • Workflows as code
    • Blocks
    • Running a Workflow
    • Registering a Scaffolder template
      • Scaffolder advanced usage
    • Using a Workflow to sync in ArgoCD
    • Kicking off a Jenkins pipeline in a Workflow
    • Calling internal service endpoints in a Workflow
  • Plugins
    • Creating a plugin
      • Creating a plugin proxy
    • Migrating Backstage plugins to Cortex
  • Engineering homepage
  • Workspace Settings
    • Using GitOps for Cortex
      • GitOps logs
    • Managing users
      • Roles and permissions
        • Custom roles
        • Team ownership entity editing
      • Configuring SSO
        • Microsoft Entra ID
        • Google
        • Other OIDC providers
        • Okta
          • Okta SCIM
      • Configuring identity mappings
      • Onboarding management
    • API keys, secrets, and tokens
      • Secrets
      • Personal tokens
    • Audit logs
    • Entity settings
      • Data verification
      • Auto archiving entities
    • IP allowlist
    • Notifications
      • Notification logs
    • Customizing your workspace
    • Using search in Cortex
  • Cortex API
    • REST API operations
      • API Keys
      • Audit Logs
      • Catalog Entities
      • Custom Data
        • Custom Data (Advanced)
      • Custom Events
      • Custom Metrics
      • Dependencies
      • Deploys
      • Discovery Audit
      • Docs
      • Eng Intel: User Labels
      • Entity Relationship Types (Beta)
      • Entity Relationships (Beta)
      • Entity Types
      • GitOps Logs
      • Groups
      • Initiatives
      • Integrations APIs
        • Azure Active Directory (Entra ID) API
        • Azure Resources API
        • AWS API
        • Azure DevOps API
        • CircleCI API
        • Coralogix API
        • Datadog API
        • GitHub API
        • GitLab API
        • incident.io API
        • LaunchDarkly API
        • New Relic API
        • PagerDuty API
        • Prometheus API
        • SonarQube API
      • IP Allowlist
      • Notification Logs
      • On call
      • Packages
      • Plugins
      • Queries
      • SCIM
      • Scorecards
      • Secrets
      • Team Hierarchies
      • Teams
      • Workflows
Powered by GitBook
On this page
  • Overview
  • How to configure Azure Resources with Cortex
  • Prerequisites
  • Configure the integration in Cortex
  • How to connect Cortex Entities to Azure Resources
  • Enable automatic discovery of Azure Resource entities
  • Discover ownership for Azure Resources
  • Define a dependency
  • Import entities from Azure Resources
  • Editing the entity descriptor
  • Scorecards and CQL
  • Background sync
  • FAQs and troubleshooting
  • Still need help?​

Was this helpful?

Export as PDF
  1. Ingesting data into Cortex
  2. Integrations

Azure Resources

Last updated 1 month ago

Was this helpful?

Overview

provides on-demand cloud computing platforms and APIs. Cortex uses the Azure Resource API to pull in resource details and import entities such as SQL servers, virtual machines, virtual networks, load balancers, and others.

Integrate Azure Resources with Cortex to drive insights into:

  • Catalogs

  • Dependencies

After the integration is configured, your resources from Azure will be visible in Cortex.

How to configure Azure Resources with Cortex

Prerequisites

Before getting started, you will need the following information. These can be found in the Enterprise applications section of Azure:

  • Azure tenant ID

  • Azure client ID and

  • Azure subscription ID

    • Ensure that the service principal for the subscription ID has a .

Configure the integration in Cortex

    1. In Cortex, click your avatar in the lower left corner, then click Settings.

    2. Under "Integrations", click Azure Resources.

  1. Click Add configuration.

  2. Configure the Azure Resources integration form:

    • Account alias: Enter your Azure account alias. Account aliases are used to tie service registrations to different configuration accounts.

    • Azure tenant ID: Enter your Azure tenant ID.

    • Client ID and Client secret: Enter your Azure client ID and secret.

    • Subscription ID: Enter your Azure subscription ID.

  3. Click Save.

How to connect Cortex Entities to Azure Resources

Enable automatic discovery of Azure Resource entities

You can configure automatic import from Azure:

  1. Next to Auto import from AWS, Azure, and/or Google Cloud, click the toggle to enable the import.

Discover ownership for Azure Resources

Cortex can automatically discover ownership for your Azure resources. To configure this:

  • Make sure that your Azure resources have a tag matching the x-cortex-tag of the corresponding Cortex team

    • By default, Cortex looks for the owner tag. You can also customize the tag key name on the Settings page.

Cortex syncs ownership from Azure Resources every day at 6 a.m. UTC.

Define a dependency

Cortex automatically discovers dependencies between your services and resources by scanning for resources with specific Azure Resources tags. By default, a service will have dependencies on any Cortex resource that has a corresponding Azure Resources resource with Azure Resources tag key = "service" and tag value = the service's Cortex tag.

Import entities from Azure Resources

Editing the entity descriptor

You can associate a Cortex entity with one or more Azure Resources entities. Cortex will display those Azure Resources entities' metadata on the Cortex entity page.

When the entity is connected to Azure, the entity YAML will look like the following:

x-cortex-azure:
  ids:
  - id: /subscriptions/1fbb2da1-2ce7-45e4-b85f-676ab8e685b9/resourceGroups/GROUP1/providers/Microsoft.Compute/disks/vm1_disk1_3d9f85717666435e9e87e4883d31a7e9
    alias: my-default-alias # alias is optional and only relevant if you have opted into multi account support
  - id: /subscriptions/1fbb2da1-2ce8-45e4-b85f-676ab8e685b0/resourceGroups/GROUP2/providers/Microsoft.Compute/disks/vm1_disk1_3d9f85717666435e9e87e4883d31a7e0
    alias: my-other-alias # alias is optional and only relevant if you have opted into multi account support

Scorecards and CQL

With the Azure Resources integration, you can create Scorecard rules and write CQL queries based on Azure Resources details.

Get Azure Resource details for entity

Get Azure Resource details for an entity.

Definition: azureResource.details(): Object

Examples

In a Scorecard, you can write a rule to make sure an entity has Azure Resource details:

azureResource.details() != null

Make sure an entity has an environment tag:

azureResource.details().resources.filter((resource) => jq(resource, ".metadata.\"environment\"") != null).length > 0

Make sure an entity has a health check:

jq(azureResource.details(), ".resources[].metadata.siteConfig.healthCheckPath") != null

Make sure an entity has a tag with a certain key and value:

azureResource.details().resources.filter((resource) => resource.tags.get("tag-key") == "tag-value").length > 0

Background sync

Cortex conducts a background sync of Azure Resources every day at 10 a.m. UTC and an ownership sync every day at 6 a.m. UTC.

FAQs and troubleshooting

Why is the Azure resource type microsoft-resources-subscriptions-resourcegroups not pulling in Azure Resource details?

Cortex pulls from the Azure Resource API, but not from the Azure Resource Group API. If you would like to submit a feature request for support of Azure Resource Groups, please contact our customer engineering team.

The following options are available to get assistance from the Cortex Customer Engineering team:

  • Chat: Available in the Resource Center

  • Slack: Users with a connected Slack channel will have a workflow added to their account. From here, you can either @CortexTechnicalSupport or add a :ticket: reaction to a question in Slack, and the team will respond directly.

Don’t have a Slack channel? Talk with your Customer Success Manager.

In Cortex, navigate to the :

You will be redirected to the Azure Resources Settings page in Cortex, where you can optionally choose to include only specified Azure resource types for this integration. You can also enable for any discovered entities of known types.

In Cortex, navigate to the .

Enable the “Sync ownership from Azure” toggle in the in Cortex.

On the , you can customize the tag key names for dependencies.

For more information on defining dependencies, please see the .

See the for instructions on importing entities.

See more examples in the in Cortex.

Still need help?

Email: , or open a support ticket in the in app Resource Center

Azure Resources
client secret
Reader role
Azure Resources settings page
Entities Settings page
Azure Resources Settings page
Azure Resources settings page
Dependencies documentation
CQL Explorer
​
help@cortex.io
automatic import
Create services documentation