Azure Files
How to configure an Azure Files connection for scanning.
Registering an Azure App
Log in to the Azure Portal
If there are multiple tenants to choose from, use the Settings icon in the top menu to open the Directories + subscriptions menu and switch to the tenant in which the application needs to be registered.

Browse to App Registration and select New registration


On the App Registration page, enter the information below and click the Register button
Name: (Enter a meaningful application name that will be displayed to users of the app)
Supported account types:
Select which accounts the application will support. The options should be similar to those below. Select "Accounts in this organizational directory only":
Leave the Redirect URI empty and click Register
Note the Application (client) ID and Directory (tenant) ID values

Navigate to Manage -> Certificates and secrets on the left menu, to create a new client secret

Provide a meaningful description and expiry for the secret, and click Add
Once a client secret is created, note its Value and store it somewhere safe. NOTE: this value cannot be viewed once you leave this page

Navigate to Manage -> API permissions on the left menu, and Add a permission

Select Microsoft APIs -> Microsoft Graph

Select Application permissions

Permissions required
Microsoft Graph > Application permissions > Device > Device.Read.All
Microsoft Graph > Application permissions > Directory > Directory.Read.All
Microsoft Graph > Application permissions > Group > Group.Read.All
Microsoft Graph > Application permissions > User > User.Read.All
Once all the required permissions are added, click "Grant admin consent"

Azure Storage Subscription ID, Resource group and connection strings
A connection string is needed for the storage account you wish to scan.
Log in to the Azure Portal
If there are multiple tenants to choose from, use the Settings icon in the top menu to open the Directories + subscriptions menu and switch to the tenant in which the application needs to be registered.

Browse to Storage accounts and select the account to be scanned


Once the storage account is selected, note the Resource group and Subscription ID values on the Overview page

Navigate to Security + networking -> Access keys on the left menu, and click Show next to the Connection string

Copy this Connection string value
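The connection string copied from Access keys embeds the storage account key, so it is worth checking its shape and masking it before it goes into a ticket, chat or log. The following Python check is an added example, not part of the product or of the original page. It assumes the standard `Key=Value;` connection string layout and a 64-byte account key; the account name and key in the sample are constructed.

```python
import base64
import binascii

REQUIRED = ("AccountName", "AccountKey")

def parse_connection_string(conn_str):
    """Split 'Key=Value;Key=Value' pairs; values may themselves contain '='."""
    parts = {}
    for segment in conn_str.strip().split(";"):
        if not segment:
            continue
        key, sep, value = segment.partition("=")
        if not sep:
            raise ValueError(f"malformed segment: {segment!r}")
        parts[key.strip()] = value.strip()
    return parts

def check_connection_string(conn_str):
    """Return (parts, problems) for an account-key connection string."""
    parts = parse_connection_string(conn_str)
    problems = [f"missing {k}" for k in REQUIRED if not parts.get(k)]
    if parts.get("DefaultEndpointsProtocol", "").lower() != "https":
        problems.append("DefaultEndpointsProtocol is not https")
    key = parts.get("AccountKey")
    if key:
        try:
            # Assumption: storage account keys decode to 64 bytes (512 bits).
            if len(base64.b64decode(key, validate=True)) != 64:
                problems.append("AccountKey does not decode to 64 bytes")
        except (binascii.Error, ValueError):
            problems.append("AccountKey is not valid base64")
    return parts, problems

def redact(conn_str):
    """Same string with secret values masked, safe for tickets and logs."""
    parts = parse_connection_string(conn_str)
    for secret in ("AccountKey", "SharedAccessSignature"):
        if secret in parts:
            parts[secret] = "***REDACTED***"
    return ";".join(f"{k}={v}" for k, v in parts.items())

def file_endpoint(parts):
    """Azure Files endpoint that the connection string points at."""
    suffix = parts.get("EndpointSuffix", "core.windows.net")
    return f"https://{parts['AccountName']}.file.{suffix}"

# Constructed sample: the key is 64 zero bytes, not a real credential.
SAMPLE = ("DefaultEndpointsProtocol=https;AccountName=examplestorage;"
          "AccountKey=" + base64.b64encode(bytes(64)).decode() +
          ";EndpointSuffix=core.windows.net")
```

Call `check_connection_string` on the copied value before pasting it into the connector, and use `redact` whenever the string has to appear anywhere other than the connector's own configuration field.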
Access Control (IAM) Role assignment
In the storage account, go to Access Control (IAM) and assign the Reader role to the Azure app created in the first step
Save the changes.
Configuring Azure Files connector in Dashboard
Navigate to Administration -> Data Sources -> Azure Files -> New scan

Provide the Connection string value obtained in the steps above

Click the Folder icon in Path to select a particular share to scan, or leave the path empty to scan all shares

Save the configuration
Once the configuration is saved, click on the icon on the right and select Start file scan to begin scanning

The results can be viewed under Dashboard -> Enterprise Search
