Azure forensics Instance Re-grant FAQs
Azure forensics Instance Re-grant FAQs
This article contains some commonly asked questions on Azure forensics instance regrant.
What are App Registration credentials?
App Registration is the service principal used by Netskope to access the Azure account for uploading/downloading forensics data. The App Registration credentials enable authenticated API access for performing these operations. These credentials consist of directory ID, client ID and an expirable client secret.
What is a Storage Account key?
The Storage Account key is a shared access key used for accessing an Azure storage account. These keys are fetched and securely stored by Netskope.
How do App Registration credentials expire?
The App Registration client secret will expire after the expiry time set at the time of secret creation has elapsed.
How do Storage Account keys expire?
Storage Account keys have no pre-configured expiry date. They can only be manually rotated, based on this the existing keys are invalidated.
If the App Registration credentials expire, do we need to regrant?
It is always recommended to regrant access upon client secret change, as it allows Netskope to keep the Storage Account keys up to date. However, the forensics data upload is not impacted, if the regrant is not performed as long as there is no change in the Storage Account keys.
If the storage account keys expire, do we need to regrant?
No, the new keys will be fetched automatically by Netskope if the app credentials are valid. Please ensure that the App Registration credentials are valid for uninterrupted forensics data upload/download.