
Introducing the new Microsoft Entra ID (Azure AD) Source Plugin

Erez Rokah


Many organizations use Microsoft Entra ID (Azure AD) to enhance security, manage access, and ensure compliance. However, correlating data from Microsoft Entra ID with other services like AWS or Azure can be challenging. Our recently released Microsoft Entra ID plugin enables you to gain insights from Microsoft Entra ID across your organization and correlate them with other data sources.

Why Microsoft Entra ID + CloudQuery?

The Microsoft Graph API is a powerful tool for accessing data from Microsoft Entra ID. However, querying and correlating data from Microsoft Entra ID with other data sources can be complex and time-consuming. The Microsoft Entra ID source plugin simplifies this process by providing a unified interface to query and sync data from Microsoft Entra ID with other data sources.
Since you can use CloudQuery to send the data to multiple destinations, for example PostgreSQL, you don't have to learn the Microsoft Graph API query language and can use SQL instead.

Use cases

Let's take a look at a couple of examples to help you get started with the Microsoft Entra ID source plugin.

List all Azure roles an Entra ID group has

The following query lists all the Azure roles that a specific Entra ID group (named Security) has:
-- Role names assigned to the Entra ID group named 'Security'
select properties->>'roleName' as role_name
from azure_authorization_role_definitions
where id in (
  select properties->>'roleDefinitionId'
  from azure_authorization_role_assignments
  where properties->>'principalId' in (
    select id from entraid_groups
    where display_name = 'Security'
  )
)

List all users with a specific Azure role

The following query lists all the users that have the Azure AI Developer role:
-- Users holding the 'Azure AI Developer' role
select display_name from entraid_users
where id in (
  select properties->>'principalId'
  from azure_authorization_role_assignments
  -- "in" rather than "=": a scalar "=" fails if more than one
  -- role definition row has this role name
  where properties->>'roleDefinitionId' in (
    select id from azure_authorization_role_definitions
    where properties->>'roleName' = 'Azure AI Developer'
  )
)
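
The two queries above each answer one question. As an added example (not from the original post or the CloudQuery project), the query below generalizes them into a single access-review listing: every role assignment resolved to a user or group, with principals that match neither table flagged. It assumes the four tables from the example configuration and a `scope` key in the assignment's `properties` JSON; the fixture rows are constructed.

```sql
-- Constructed fixture (not real data) so the query runs on an empty PostgreSQL
-- database; omit it when the tables were populated by a CloudQuery sync.
create temp table entraid_users  (id text, display_name text);
create temp table entraid_groups (id text, display_name text);
create temp table azure_authorization_role_definitions (id text, properties jsonb);
create temp table azure_authorization_role_assignments (id text, properties jsonb);
insert into entraid_users  values ('u-1', 'Alice Example');
insert into entraid_groups values ('g-1', 'Security');
insert into azure_authorization_role_definitions values
  ('rd-owner',  '{"roleName": "Owner"}'),
  ('rd-reader', '{"roleName": "Reader"}');
insert into azure_authorization_role_assignments values
  ('ra-1', '{"principalId": "u-1", "roleDefinitionId": "rd-owner",  "scope": "/subscriptions/sub-a"}'),
  ('ra-2', '{"principalId": "g-1", "roleDefinitionId": "rd-reader", "scope": "/subscriptions/sub-a"}'),
  ('ra-3', '{"principalId": "x-9", "roleDefinitionId": "rd-owner",  "scope": "/subscriptions/sub-a"}');

-- One row per role assignment, with the principal resolved to a user or group.
-- 'unresolved' means the principalId matched neither synced table: review these,
-- since they are not covered by a user or group listing.
select distinct
  coalesce(u.display_name, g.display_name) as principal_name,
  case when u.id is not null then 'user'
       when g.id is not null then 'group'
       else 'unresolved' end               as principal_kind,
  ra.properties->>'principalId'            as principal_id,
  rd.properties->>'roleName'               as role_name,
  ra.properties->>'scope'                  as scope
from azure_authorization_role_assignments ra
join azure_authorization_role_definitions rd
  on rd.id = ra.properties->>'roleDefinitionId'
left join entraid_users  u on u.id = ra.properties->>'principalId'
left join entraid_groups g on g.id = ra.properties->>'principalId'
order by principal_kind, role_name, principal_name;
```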

Getting Started

To get started syncing Entra ID, see the Entra ID source plugin documentation for instructions. For the queries in this blog, you can use the example configuration below to sync the data needed.

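Example Configuration

kind: source
spec:
  name: 'entraid'
  path: 'cloudquery/entraid'
  version: 'VERSION_SOURCE_ENTRAID' # placeholder: set to the plugin version you use
  destinations: ['postgresql']
  tables: ['entraid_users', 'entraid_groups']
---
kind: source
spec:
  name: 'azure'
  path: 'cloudquery/azure'
  version: 'VERSION_SOURCE_AZURE' # placeholder: set to the plugin version you use
  destinations: ['postgresql']
  tables: ['azure_authorization_role_assignments', 'azure_authorization_role_definitions']
---
kind: destination
spec:
  name: 'postgresql'
  path: 'cloudquery/postgresql'
  version: 'VERSION_DESTINATION_POSTGRESQL' # placeholder: set to the plugin version you use
  # forced: incompatible schema changes may drop and recreate tables
  migrate_mode: forced
  spec:
    # Local test database only: the password is inline and sslmode=disable turns off TLS.
    # Elsewhere, load the connection string from an environment variable and
    # require TLS (for example sslmode=verify-full).
    connection_string: 'postgresql://postgres:pass@localhost:5432/postgres?sslmode=disable'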

Incremental syncing

To prevent repeated syncing of the same data, CloudQuery supports incremental tables. See more about incremental syncing in the plugin documentation.

Ready to dive deeper?
Join the CloudQuery Discord community to connect with other users and experts.