Azure Virtual Machine

The Azure Virtual Machine Input component collects list of virtual machines and their metrics and metadata from Azure subscriptions using the Azure Resource Manager API.

Sync Type: Full Sync

Details

The Microsoft Azure Virtual Machine input ingests list of all the virtual machines which belongs to a particular subscription with their metadata from the Azure Resource Manager API.

Requirements

Before setting up the Microsoft Azure Virtual Machine input, you need to:

1. Have a Microsoft Account with an active Azure Subscription.
2. Register a new Application in App Registrations in Azure Entra ID portal.
3. Make sure this new application has the following permissions -
   • Microsoft Graph - User.Read
   • Azure Service Management - user_impersonation

Required Permissions for managed identity

The service principal or managed identity requires the following Azure RBAC permissions:

• Microsoft.Compute/virtualMachines/read
• Microsoft.Compute/virtualMachines/instanceView/read
• Microsoft.Resources/subscriptions/resourceGroups/read

Minimum role assignment: Reader role on the subscription or resource group scope.

Setting up API Access

1. Registering a new application
   1. Open the App Registration page in the Azure Entra ID portal.
   2. Select New Registration.
   3. Add a name to the new registration.
   4. Click Register.
   5. Save the applications Application (client) ID and Directory (tenant) ID.
   6. Select Certificates and Secrets.
   7. Click link next to Client credentials.
   8. In "Client secrets" click "New client secret".
   9. Add a name and expiration to the new secret.
   10. Save the client secret value.
2. Give application access to Microsoft Graph API
   1. Click "API Permissions" on left sidebar.
   2. Click "Add Permission".
   3. Select "Microsoft Graph API".
   4. Select "User".
   5. Select "User.Read".
3. Give application access to Azure Service Manangement
   1. Click "Add Permission".
   2. Select "Azure Service Management".
   3. Select "user_impersonation".
4. On the API permission page, click on "Grant admin consent for Default Directory".
5. Grant access to your User
   1. Navigate to Subscriptions.
   2. Select the active Subscription.
   3. Click "Access control (IAM)" on the left menu.
   4. Select "Add Role Assignment" from the "+ Add" menu.
   5. Select the Reader role and click Next.
   6. Click "Select members".
   7. Search for the new application name and click Select.
   8. Click "Review + assign".
   9. Confirm by clicking "Review + assign".

Configuration

Settings

Setting	Type	Required	Description
Tenant ID	string	true	The tenant ID of the Azure AD application
Subscription ID	string	false	The subscription ID of the Azure subscription
cron	string	Yes	Cron schedule for periodic alert collection (e.g., "0 */1 * * *" for every hour)

Secrets

Setting	Type	Required	Description
Client ID	string	true	The client ID of the Azure AD application
Client Secret	string	true	The client secret of the Azure AD application

Related Articles

• Setting up an application
• Azure Virtual Machines - List All API
• List of permissions

Sample Record

{
  "name": "Sarah Miller",
  "id": "/subscriptions/0ddac025-4393-b964-f908-77790d7b1de9/resourceGroups/rg-1/providers/Microsoft.Compute/virtualMachines/Alice Brown",
  "type": "Microsoft.Compute/virtualMachines",
  "location": "John Brown",
  "properties": {
    "hardwareProfile": {
      "vmSize": "Standard_B1s"
    },
    "provisioningState": "Succeeded",
    "vmId": "975eeb33-1657-0f4b-34f8-50f1cbef0ac3",
    "additionalCapabilities": {
      "hibernationEnabled": false
    },
    "storageProfile": {
      "imageReference": {
        "publisher": "John Miller",
        "offer": "Tom Jones",
        "sku": "server",
        "version": "latest",
        "exactVersion": "2"
      },
      "osDisk": {
        "osType": "Linux",
        "name": "Jane Miller",
        "createOption": "FromImage",
        "caching": "",
        "managedDisk": {
          "id": "/subscriptions/67d55996-5f58-1a88-2927-0cc38725a3a6/resourceGroups/rg-1/providers/Microsoft.Compute/disks/Tom Williams"
        },
        "deleteOption": ""
      },
      "dataDisks": [],
      "diskControllerType": ""
    },
    "osProfile": {
      "computerName": "Alice Johnson",
      "adminUsername": "u1",
      "linuxConfiguration": {
        "disablePasswordAuthentication": true,
        "ssh": {
          "publicKeys": [
            {
              "path": "",
              "keyData": "ssh-rsa generated-by-azure"
            }
          ]
        },
        "provisionVMAgent": true,
        "patchSettings": {
          "patchMode": "Default",
          "assessmentMode": "Default"
        }
      },
      "secrets": [],
      "allowExtensionOperations": true,
      "requireGuestProvisionSignal": false
    },
    "securityProfile": {
      "uefiSettings": {
        "secureBootEnabled": true,
        "vTpmEnabled": false
      },
      "securityType": "TrustedLaunch"
    },
    "networkProfile": {
      "networkInterfaces": [
        {
          "id": "/subscriptions/4ff0335f-fddc-5561-bb53-5ec83914fc4a/resourceGroups/rg-1/providers/Microsoft.Network/networkInterfaces/Alice Johnson",
          "properties": {
            "deleteOption": ""
          }
        }
      ]
    },
    "diagnosticsProfile": {
      "bootDiagnostics": {
        "enabled": true
      }
    },
    "timeCreated": "2025-08-11T23:46:43Z"
  },
  "etag": "",
  "zones": [],
  "resources": [
    {
      "id": "/subscriptions/d104713b-d67e-f7a7-294b-ec593cb0242a/resourceGroups/rg-1/providers/Microsoft.Compute/virtualMachines/Sarah Smith/extensions/MDE.Linux"
    }
  ]
}