Configure authentication to Wiz
Beta
This feature is in Beta. Workspace admins can control access to this feature from the Previews page. See Manage Databricks previews.
This page shows how to configure Wiz to enable authentication from Databricks. The Wiz Audit Logs connector uses OAuth machine-to-machine (M2M) authentication with a Wiz service account to ingest data into Databricks. Use the authentication details that you retrieve from the steps on this page to create a Unity Catalog connection in Databricks.
Prerequisites
- A Wiz tenant with administrator access to create a service account.
- Permission to grant the service account read access to the audit logs, issues, and vulnerability findings you want to ingest.
Create a Wiz service account
In this step, you create a service account in Wiz and note the credentials that you use to create a connection in Databricks.
- Sign in to your Wiz tenant as an administrator.
- Create a service account for the connector:
- In the Wiz portal, go to Settings > Access Management > Service Accounts, then click Add Service Account.
- Enter a descriptive Name for the service account.
- For Type, select Custom Integration (GraphQL API).
- Grant the service account the API scopes for the data you want to ingest:
- read:resources (required for all ingestion)
- admin:audit to ingest audit log entries
- read:issues to ingest issues
- read:vulnerabilities to ingest vulnerability findings
- Leave Projects blank. Selecting one or more projects prevents the service account from querying audit logs, because the admin:audit scope is available only when no project is selected.
- Create the service account.
- Note the service account's Client ID and Client Secret. Copy the client secret immediately, because Wiz does not display it again after you close the dialog. You enter these values when you create a connection in Databricks.
- Get your tenant details. Click your profile icon in the top right of the Wiz portal, then click Tenant Info. Note the following values, which you enter when you create a connection in Databricks:
- On the General tab, the API Endpoint URL. This is your Authentication URL, the token endpoint that the connector uses to exchange the client credentials for an access token. For example, https://auth.app.wiz.io/oauth/token.
- On the Data Center and Regions tab, your data center. This is your Tenant Data Center.
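The following pre-flight check is an added example, not part of Wiz or Databricks tooling. It compares a planned service-account configuration against the scope and project rules in the steps above. The dataset labels, the function name, and the excess-scope and HTTPS checks are assumptions of this example.

```python
from urllib.parse import urlparse

BASE_SCOPE = "read:resources"  # required for all ingestion
# Dataset labels are this example's own names; scopes are from the page.
DATASET_SCOPES = {
    "audit_logs": "admin:audit",
    "issues": "read:issues",
    "vulnerabilities": "read:vulnerabilities",
}


def preflight(datasets, granted_scopes, projects, auth_url):
    """Return (code, detail) problems for a planned service-account setup."""
    problems = []
    unknown = sorted(set(datasets) - set(DATASET_SCOPES))
    if unknown:
        problems.append(("unknown-dataset", ", ".join(unknown)))
    needed = {BASE_SCOPE} | {
        DATASET_SCOPES[d] for d in datasets if d in DATASET_SCOPES
    }
    granted = set(granted_scopes)
    for scope in sorted(needed - granted):
        problems.append(("missing-scope", scope))
    # Least privilege (this example's own check): flag scopes no dataset needs.
    for scope in sorted(granted - needed):
        problems.append(("excess-scope", scope))
    # admin:audit is available only when no project is selected.
    if "admin:audit" in needed and projects:
        problems.append(("projects-not-blank", ", ".join(projects)))
    # The client secret is posted to this URL, so require TLS (example's check).
    url = urlparse(auth_url)
    if url.scheme != "https" or not url.hostname:
        problems.append(("auth-url-not-https", auth_url))
    return problems


if __name__ == "__main__":
    # Constructed sample plan, not real tenant data.
    for code, detail in preflight(
        datasets=["audit_logs", "issues"],
        granted_scopes=["read:resources", "read:issues", "read:vulnerabilities"],
        projects=["constructed-project"],
        auth_url="http://auth.app.wiz.io/oauth/token",
    ):
        print(f"{code}: {detail}")
```

An empty result means the plan matches the rules on this page; it does not confirm what is actually configured in the Wiz tenant.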
Next steps
Create a Wiz Audit Logs connection in Databricks. See Create a Wiz Audit Logs connection.