
Azure/multi-cloud-asset-inventory-preview


Multicloud Connector

Overview

The Microsoft Multicloud Connector lets customers connect their non-Azure public cloud resources to Azure, giving them a centralized place for management and governance. Today the Connector supports AWS environments; support for other clouds is planned. The Multicloud Connector currently offers two solutions:

  • Multicloud Inventory allows you to see an up-to-date view of your resources from other public clouds in Azure, providing you with a single place to see all of your cloud resources. In addition, you can query for all your cloud resources through Azure Resource Graph. When the assets are represented in Azure, metadata from the source cloud is also included. For instance, if you need to query all of your Azure and AWS resources with a certain tag, you can do so with Multicloud Inventory. The Inventory solution will scan your source cloud on a periodic basis to ensure a complete, correct view is represented in Azure. You can also apply Azure tags or Azure policies on these resources.
  • Arc Onboarding auto-discovers EC2 instances running in your AWS environment and installs the Arc agent on the VMs. This simplified experience will enable customers to onboard to Azure management services such as Azure Monitor, providing a centralized way for customers to manage their Azure and AWS VMs.
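The Inventory solution's main payoff is that AWS resources become queryable next to Azure ones in Azure Resource Graph. The following PowerShell is an added example, not code from this repository, of the "find everything with a given tag across both clouds" query mentioned above. It assumes the Az.ResourceGraph module, an authenticated session (Connect-AzAccount), and that AWS-sourced resources are reported under resource types prefixed `microsoft.awsconnector/`; the tag key and value are placeholders.

```powershell
# Added example (not part of the Multicloud Connector project): query Azure Resource Graph
# for every resource, Azure-native or AWS-sourced, that carries a given tag.
# Requires Az.ResourceGraph and an authenticated session (Connect-AzAccount).
# ASSUMPTION: AWS resources surface under resource types prefixed 'microsoft.awsconnector/';
# adjust the filter if your connector reports a different type.
Import-Module Az.ResourceGraph

$tagName  = 'environment'   # placeholder tag key
$tagValue = 'production'    # placeholder tag value

$query = @"
resources
| where tags['$tagName'] =~ '$tagValue'
| extend sourceCloud = iff(type startswith 'microsoft.awsconnector/', 'AWS', 'Azure')
| project name, type, location, resourceGroup, sourceCloud, tags
| order by sourceCloud asc, name asc
"@

# Search-AzGraph returns at most 1000 rows per call; follow SkipToken to get the full set.
$results   = @()
$skipToken = $null
do {
    $page      = Search-AzGraph -Query $query -First 1000 -SkipToken $skipToken
    $results  += $page
    $skipToken = $page.SkipToken
} while ($skipToken)

# Summary per cloud, then the detailed list.
$results | Group-Object sourceCloud | Select-Object Name, Count
$results | Format-Table name, type, location, sourceCloud
```

Because the Inventory solution only rescans AWS periodically, a resource tagged in AWS minutes ago may not appear until the next scan; treat the result as eventually consistent rather than live.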

Prerequisites

You need the following AWS permissions to create the connector and solutions (see this document for how to grant permissions to an IAM user if you have questions). These are broad AWS managed policies, so grant them to a dedicated deployment principal rather than a shared user. For the Connector and Inventory solution:

  • AmazonS3FullAccess
  • AWSCloudFormationFullAccess
  • IAMFullAccess

For the Arc Onboarding solution, you also need the following:

  • AmazonEC2FullAccess
  • EC2 instances must have the SSM agent installed. The IAM role ArcForServerSSMInstanceProfile is generated during the onboarding process.

In Azure, creating the Connector and Solutions requires Contributor on the subscription. The first time you use the service you also need to register the following resource providers, which likewise requires Contributor on the subscription:

  • Microsoft.HybridConnectivity
  • Microsoft.AwsConnector
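Provider registration is asynchronous, so a practitioner normally registers both namespaces and polls until Azure reports them as Registered before creating the connector. The following PowerShell is an added example, not code from this repository; it assumes the Az.Resources module, an authenticated session, Contributor on the target subscription, and a placeholder subscription ID.

```powershell
# Added example (not the project's own code): register the two resource providers the
# connector needs and wait until Azure reports them as Registered.
# Requires Az.Resources, an authenticated session, and Contributor on the subscription.
$subscriptionId = '00000000-0000-0000-0000-000000000000'   # placeholder, replace
Set-AzContext -SubscriptionId $subscriptionId | Out-Null

$providers = 'Microsoft.HybridConnectivity', 'Microsoft.AwsConnector'

# Get-AzResourceProvider returns one object per resource type in the namespace;
# they share a RegistrationState, so the first one is enough.
function Get-ProviderState([string]$ns) {
    (Get-AzResourceProvider -ProviderNamespace $ns).RegistrationState | Select-Object -First 1
}

foreach ($ns in $providers) {
    $state = Get-ProviderState $ns
    if ($state -ne 'Registered') {
        Write-Host "Registering $ns (current state: $state)"
        Register-AzResourceProvider -ProviderNamespace $ns | Out-Null
    }
}

# Poll until every provider is Registered, or give up after five minutes.
$deadline = (Get-Date).AddMinutes(5)
do {
    $pending = foreach ($ns in $providers) {
        $state = Get-ProviderState $ns
        if ($state -ne 'Registered') { "$ns=$state" }
    }
    if ($pending) { Start-Sleep -Seconds 10 }
} while ($pending -and (Get-Date) -lt $deadline)

if ($pending) { throw "Providers not registered in time: $($pending -join ', ')" }
Write-Host 'All providers registered.'
```

Registering a provider is a one-time, subscription-wide action; re-running the script on an already-registered subscription is harmless and simply reports the current state.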

Note

The Multicloud Connector works side by side with the Defender for Cloud connector. You can use both connectors if you choose.

Supported Regions

In Azure, you will need to create the connector and solution configurations in one of the supported Azure regions below:

  • East US, West Central US, Canada Central, West Europe

In AWS, we will scan for resources in the following regions:

  • us-east-1, us-east-2, us-west-1, us-west-2, ca-central-1, ap-southeast-1, ap-southeast-2, ap-northeast-1, ap-northeast-3, eu-west-1, eu-west-2, eu-central-1, eu-north-1, sa-east-1

Unsupported scenarios

For EC2 instances that already have the Arc agent installed, do not use the Inventory solution: it will create a duplicate record of the EC2 instance in Azure. Support for EC2 VMs that already have the Arc agent, reusing the existing Arc resource for inventory instead of creating a second one, is planned.

Next Steps:

Support

Please see our support policy.

Code of conduct

This project has adopted the Microsoft Open Source Code of Conduct. For more information, see the Code of Conduct FAQ or contact opencode@microsoft.com with any additional questions or comments.