Azure Compute v2

Create and Manage Azure Virtual Machines
This integration was integrated and tested with Azure Compute API Version: 2017-12-01.

Authentication

For more details about the authentication used in this integration, see Microsoft Integrations - Authentication .
  • After authorizing the Demisto app, you will get an ID, Token, and Key, which should be inserted in the integration instance configuration's corresponding fields. After giving consent, the application has to have a role assigned so it can access the relevant resources per subscription.
  • In order to assign a role to the application after consent was given:
    • Go to the Azure Portal UI.
    • Go to Subscriptions, and then Access Control (IAM).
    • Click Add.
    • Select a role that includes the following permissions:
      • Microsoft.Compute/virtualMachines/*
      • Microsoft.Network/networkInterfaces/read
    • Select the Azure Secruity Center application.

Configure Azure Compute v2 on Demisto

  1. Navigate to Settings > Integrations > Servers & Services .
  2. Search for Azure Compute v2.
  3. Click Add instance to create and configure a new integration instance.
    • Name : a textual name for the integration instance.
    • Host URL (e.g. https://management.azure.com)
    • ID (received from the admin consent - see Detailed Instructions (?)
    • Token (received from the admin consent - see Detailed Instructions (?) section)
    • Key (received from the admin consent - see Detailed Instructions (?)
    • Default Subscription ID
    • Use system proxy
    • Trust any certificate (not secure)
    • Use a self-deployed Azure Application
  4. Click Test to validate the new instance.

Commands

You can execute these commands from the Demisto CLI, as part of an automation, or in a playbook. After you successfully execute a command, a DBot message appears in the War Room with the command details.

1. List VM instances for a resource group


List the VM instances in the specified Resource Group.

Base Command

azure-vm-list-instances

Input
Argument Name Description Required
resource_group Resource Group of the VMs. To see all the resource groups associated with your subscription try executing the azure-list-resource-groups command. If none are present then please visit the Azure Web Portal to create resource groups. Required

Context Output
Path Type Description
Azure.Compute.Name string Name of the VM
Azure.Compute.Location string Location of the VM
Azure.Compute.ProvisioningState string Provisioning State of the VM
Azure.Compute.ResourceGroup string Resource group where the VM resides in
Azure.Compute.ID string ID of the VM
Azure.Compute.Size number Size of the deployed VM (in GB)
Azure.Compute.OS string OS running on the VM

Command Example
!azure-vm-list-instances resource_group=compute-integration
Context Example
{
    "Azure.Compute": [
        {
            "Name": "TestOAuth", 
            "ResourceGroup": "compute-integration", 
            "Location": "westeurope", 
            "Size": 32, 
            "OS": "Linux", 
            "ID": "a050ff2e-85ab-44d9-b822-3bc3111739e0", 
            "ProvisioningState": "Succeeded"
        }
    ]
}
Human Readable Output

Microsoft Azure - List of Virtual Machines in Resource Group “compute-integration”

Name ID Size OS Location ProvisioningState ResourceGroup
TestOAuth a050ff2e-85ab-44d9-b822-3bc3111739e0 32 Linux westeurope Succeeded compute-integration

2. Power on a VM


Powers-on a specified VM.

Base Command

azure-vm-start-instance

Input
Argument Name Description Required
resource_group Resource Group to which the virtual machine belongs.
To see all the resource groups associated with your subscription try executing the azure-list-resource-groups command. If none are present visit the Azure Web Portal to create resource groups.
Required
virtual_machine_name Name of the virtual machine to power-on.
To see all the VMs with their associated names for a specific resource group try executing the azure-vm-list-instances command.
Required

Context Output
Path Type Description
Azure.Compute.Name string Name of the VM that was started
Azure.Compute.ResourceGroup string Resource group the VM resides in
Azure.Compute.PowerState string Whether the VM instance is powered on or off

Command Example
!azure-vm-start-instance resource_group=compute-integration virtual_machine_name=TestOAuth
Context Example
{
    "Azure.Compute": {
        "ResourceGroup": "compute-integration", 
        "PowerState": "VM starting", 
        "Name": "TestOAuth"
    }
}
Human Readable Output

Power-on of Virtual Machine “TestOAuth” Successfully Initiated

ResourceGroup PowerState Name
compute-integration VM starting TestOAuth

3. Power off a VM


Powers-off a specified VM.

Base Command

azure-vm-poweroff-instance

Input
Argument Name Description Required
resource_group Resource Group to which the virtual machine belongs.
To see all the resource groups associated with your subscription try executing the azure-list-resource-groups command. If none are present then please visit the Azure Web Portal to create resource groups.
Required
virtual_machine_name Name of the virtual machine to power-off.
To see all the VMs with their associated names for a specific resource group try executing the azure-vm-list-instances command.
Required

Context Output
Path Type Description
Azure.Compute.Name string Name of the VM that was powered down
Azure.Compute.ResourceGroup string Resource group the VM resides in
Azure.Compute.PowerState string Whether the VM instance is powered on or off

Command Example
!azure-vm-poweroff-instance resource_group=compute-integration virtual_machine_name=TestOAuth
Context Example
{
    "Azure.Compute": {
        "ResourceGroup": "compute-integration", 
        "PowerState": "VM stopping", 
        "Name": "TestOAuth"
    }
}
Human Readable Output

Power-off of Virtual Machine “TestOAuth” Successfully Initiated

ResourceGroup PowerState Name
compute-integration VM stopping TestOAuth

4. Get details for a VM


Gets the properties of a specified VM.

Base Command

azure-vm-get-instance-details

Input
Argument Name Description Required
resource_group Resource Group to which the virtual machine belongs.
To see all the resource groups associated with your subscription try executing the azure-list-resource-groups command. If none are present then please visit the Azure Web Portal to create resource groups.
Required
virtual_machine_name Name of the virtual machine you wish to view the details of.
To see all the VMs with their associated names for a specific resource group try executing the azure-vm-list-instances command.
Required

Context Output
Path Type Description
Azure.Compute.Name string Name of the VM whose details were requested
Azure.Compute.ID string ID of the VM
Azure.Compute.Size number Size of the deployed VM in gigabytes
Azure.Compute.OS string OS running in the specified VM
Azure.Compute.ProvisioningState string Provisioning state of the deployed VM
Azure.Compute.Location string Region in which the VM is hosted
Azure.Compute.PowerState string Whether the VM instance is powered on or off
Azure.Compute.ResourceGroup string Resource group in which the VM belongs

Command Example
!azure-vm-get-instance-details resource_group=compute-integration virtual_machine_name=TestOAuth
Context Example
{
    "Azure.Compute": {
        "PowerState": "VM starting", 
        "Name": "TestOAuth", 
        "ResourceGroup": "compute-integration", 
        "Location": "westeurope", 
        "Size": 32, 
        "OS": "Linux", 
        "ID": "a050ff2e-85ab-44d9-b822-3bc3111739e0", 
        "ProvisioningState": "Updating"
    }
}
Human Readable Output

Properties of VM “TestOAuth”

Name ID Size OS ProvisioningState Location PowerState
TestOAuth a050ff2e-85ab-44d9-b822-3bc3111739e0 32 Linux Updating westeurope VM starting

5. Create a VM instance


Creates a virtual machine instance with the specified OS image.

Base Command

azure-vm-create-instance

Input
Argument Name Description Required
resource_group Resource group to which the new VM will belong.
To see all the resource groups associated with your subscription try executing the azure-list-resource-groups command. If none are present then please visit the Azure Web Portal to create resource groups.
Required
virtual_machine_name Name of the virtual machine to create Required
virtual_machine_location Location to create the VM Required
nic_name The name of the Network Interface to link the VM with. A Network Interface has to be created from within the Azure Portal. Note that the vm’s location property must match that of the Network Interface you choose to link it to.
To see a list of available Network Interfaces visit the Azure Web Portal, navigate to the search bar at the top of the page, type in ‘network interfaces’ and in the drop-down menu that appears as you type, click on the ‘Network interfaces’ option that appears under the ‘Services’ category. If none are present, you will need to create a new Network Interface which you can do by clicking the ‘+Add’ button towards the top left of the page and following the instructions.
For more information regarding Network Interfaces see the Microsoft API documentation .
Required
vm_size The name of a VirtualMachineSize which determines the size of the deployed vm.
For more information see the Microsoft API documentation .
Required
os_image Choose the base operating system image of the vm Optional
sku SKU of the OS image to be used.
To see a list of available SKUs, visit your Azure Web Portal, click the symbol that looks similar to a ‘>’ along the top bar of the page which should open a cloud shell. Make sure it is a bash shell.
At the command prompt enter az vm image list-skus along with the appropriate arguments that it will prompt you with to display the list of VM image SKUs available in the Azure Marketplace.
Optional
publisher Name of the publisher of the OS image.
To see a list of available publishers, visit your Azure Web Portal, click the symbol that looks similar to a ‘>’ along the top bar of the page which should open a cloud shell. Make sure it is a bash shell.
At the command prompt enter az vm image list-publishers along with the appropriate arguments that it will prompt you with to display the list of VM image publishers available in the Azure Marketplace.
Optional
version Version of the image to use.
The allowed formats are Major.Minor.Build or ‘latest’. Major, Minor, and Build are decimal numbers.
Specify ‘latest’ to use the latest version of an image available at deploy time.
Optional
offer Specifies the offer of the platform image or marketplace image used to create the virtual machine.
To see a list of available offers, visit your Azure Web Portal, click the symbol that looks similar to a ‘>’ along the top bar of the page which should open a cloud shell. Make sure it is a bash shell.
At the command prompt enter az vm image list-offers along with the appropriate arguments that it will prompt you with to display the list of VM image offers available in the Azure Marketplace.
Optional
admin_username Admin Username to be used when creating the VM Optional
admin_password Admin Password to be used when creating the VM Optional

Context Output
Path Type Description
Azure.Compute.Name string Name of the created VM instance
Azure.Compute.ResourceGroup string Resource group the VM resides in
Azure.Compute.ID string ID of the VM
Azure.Compute.Size number Size of the deployed VM in gigabytes
Azure.Compute.OS string OS running in the specified VM
Azure.Compute.ProvisioningState string Provisioning state of the deployed VM
Azure.Compute.Location string Region in which the VM is hosted

Command Example
!azure-vm-create-instance resource_group=compute-integration nic_name=compute-integration-nic1 virtual_machine_location=westeurope vm_size=Standard_D1_v2 virtual_machine_name=DemoVM os_image="Ubuntu Server 18.04 LTS"
Context Example
{
    "Azure.Compute": {
        "Name": "DemoVM", 
        "ResourceGroup": "compute-integration", 
        "Location": "westeurope", 
        "Size": "NA", 
        "OS": "Linux", 
        "ID": "106a46b3-e999-44fd-be41-270a76e722fa", 
        "ProvisioningState": "Creating"
    }
}
Human Readable Output

Created Virtual Machine “DemoVM”

Name ResourceGroup Location Size OS ID ProvisioningState
DemoVM compute-integration westeurope NA Linux 106a46b3-e999-44fd-be41-270a76e722fa Creating

6. Lists the subscriptions for this application.


Lists the subscriptions for this application.

Base Command

azure-list-subscriptions

Input
No inputs for this command.

Context Output
Path Type Description
Azure.Subscription.Name string Subscription Name
Azure.Subscription.ID string Subscription ID
Azure.Subscription.State string Subscription State

Command Example
!azure-list-subscriptions
Context Example
{
    "Azure.Subscription": [
        {
            "Name": "My subscription", 
            "ID": "/subscriptions/xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx/resourceGroups/cloud-shell-storage-eastus", 
            "State": "Enabled"
        }, 
    ]
}
Human Readable Output

List of Resource Groups

ID Name State
/subscriptions/xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx/resourceGroups/cloud-shell-storage-eastus My subscription Enabled

6. List all resource groups for the Azure subscription


Lists all resource groups belonging to your Azure subscription.

Base Command

azure-list-resource-groups

Input
Argument Name Description Required
subscription_id Subscription ID to use. Can be retrieved from the azure-sc-list-subscriptions command. If not specified, the default subscripton ID will be used. Required

Context Output
Path Type Description
Azure.ResourceGroup.Name string Name of the Resource Group
Azure.ResourceGroup.ID string ID of the Resource Group
Azure.ResourceGroup.Location string Location of the Resource Group
Azure.ResourceGroup.ProvisioningState string Provisioning State of the Resource Group

Command Example
!azure-list-resource-groups
Context Example
{
    "Azure.ResourceGroup": [
        {
            "Name": "cloud-shell-storage-eastus", 
            "ProvisioningState": "Succeeded", 
            "ID": "/subscriptions/xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx/resourceGroups/cloud-shell-storage-eastus", 
            "Location": "eastus"
        }, 
        {
            "Name": "compute-integration", 
            "ProvisioningState": "Succeeded", 
            "ID": "/subscriptions/xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx/resourceGroups/compute-integration", 
            "Location": "eastus"
        }, 
        {
            "Name": "NetworkWatcherRG", 
            "ProvisioningState": "Succeeded", 
            "ID": "/subscriptions/xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx/resourceGroups/NetworkWatcherRG", 
            "Location": "westeurope"
        }, 
        {
            "Name": "us-east-rg", 
            "ProvisioningState": "Succeeded", 
            "ID": "/subscriptions/xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx/resourceGroups/us-east-rg", 
            "Location": "eastus"
        }, 
        {
            "Name": "us-east-rg-backups", 
            "ProvisioningState": "Succeeded", 
            "ID": "/subscriptions/xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx/resourceGroups/us-east-rg-backups", 
            "Location": "westus"
        }
    ]
}
Human Readable Output

List of Resource Groups

Location ProvisioningState Name ID
eastus Succeeded cloud-shell-storage-eastus /subscriptions/xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx/resourceGroups/cloud-shell-storage-eastus
eastus Succeeded compute-integration /subscriptions/xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx/resourceGroups/compute-integration
westeurope Succeeded NetworkWatcherRG /subscriptions/xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx/resourceGroups/NetworkWatcherRG
eastus Succeeded us-east-rg /subscriptions/xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx/resourceGroups/us-east-rg
westus Succeeded us-east-rg-backups /subscriptions/xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx/resourceGroups/us-east-rg-backups

7. Delete a VM instance


Deletes a specified VM instance.

Base Command

azure-vm-delete-instance

Input
Argument Name Description Required
resource_group Resource Group to which the virtual machine belongs.
To see all the resource groups associated with your subscription try executing the azure-list-resource-groups command. If none are present then please visit the Azure Web Portal to create resource groups.
Required
virtual_machine_name Name of the virtual machine to delete.
To see all VMs with their associated names for a specific resource group try executing the azure-vm-list-instances command.
Optional

Context Output

There is no context output for this command.

Command Example
!azure-vm-delete-instance resource_group=compute-integration virtual_machine_name=DemoVM
Human Readable Output

“DemoVM” VM Deletion Successfully Initiated