Azure Cloud Onboarding
New to Fusion cloud onboarding? Start with Fusion Onboarding for Cloud Engineers for deployment models, scope planning, and cloud-specific guidance.
Use one of these three paths to configure Azure VNet flow logs, cloud context, and onboarding to Fusion.
Choose the path that fits your environment:
Manual onboarding — best for a small number of VNets or an initial PoC
Vectra onboarding automation — best for large or dynamic Azure environments
Custom IaC automation — best if you prefer integrating to your existing IaC
1. Manual onboarding
Follow step-by-step guides to configure Azure and Fusion, onboard each VNet, and add cloud context for each subscription.
Best for
Organizations with a small number of VNets and subscriptions that rarely change, or for an initial PoC.
Next steps
2. Vectra Cloud Onboarding Automation for Azure Tenants
For detailed documentation, see Vectra Terraform Cloud Onboarding for Azure Tenants.
Using Terraform to automate onboarding
Access Vectra's Terraform automation at https://github.com/netography/neto-onboarding.
For access to the repo, reach out to your Vectra contact with your GitHub ID or request the latest release package.
Vectra provides the neto-onboarding Terraform project for AWS Organizations, Azure Tenants, and GCP Organizations.
This automation can:
Enable and configure AWS VPC flow logs, Azure VNet flow logs, and GCP VPC flow logs based on policy and tags
Deploy the infrastructure required to integrate with Fusion across multiple accounts, subscriptions, or projects
Add VPCs and VNets configured for flow logging to Vectra Fusion as traffic sources
Deploy a single AWS Lambda, Azure Function, or Google Cloud Function for context enrichment across all in-scope environments
Monitor for VPC and VNet changes, onboard new in-scope networks, and offboard networks that leave scope
Best for
Organizations that want a complete, supported, end-to-end solution for managing flow log configuration and onboarding to Fusion. This is usually the fastest path for large, dynamic, or multi-cloud environments.
Next steps
Reach out to your Vectra contact and request access to the GitHub repo.
Include your GitHub ID, or request the latest release package.
3. Custom IaC automation
Use your existing automation pipelines or scripts to:
Create Azure Storage accounts or blobs for flow log delivery
Configure the permissions Fusion needs to read flow logs from storage and read resource metadata from your Azure subscriptions
Configure VNet flow logs on each VNet to write to Azure Storage
Call the Fusion API to create a Fusion traffic source for each VNet and a Fusion context integration for each subscription that contains relevant resources
Best for
Organizations experienced with Azure IaC that already provision VNets or VNet flow log configurations through automation and want to extend that workflow to Fusion.
Next steps
Vectra's Cloud Onboarding Automation for Azure Tenants, described in option 2, provides example code using Terraform, Azure Functions, and Python for the full onboarding flow. Review that implementation and reach out to Vectra if you need help building custom IaC.
In addition, Fusion traffic source creation and context integration options are documented in Vectra AWS Onboarding Guide for Cloud Automation Engineers. These methods apply across clouds.
Last updated