The provided credentials do not have access to any subscriptions

[mkannan22]

Global Admin There is no Azure subscriptions, but looking to pull down Azure data. Command: scout azure --user-account-browser --tenant xxxxxx-xxxx-xxx-xxx-xxxxxx --all-subscriptions Logged into via browser successfully Output after authenticating through Resource Manager API and Azure AD Graph API: ERROR main.py L229: Initialization failure: The provided credentials do not have access to any subscriptions

Installed as outlined in wiki (tried just python, but current version is python3.9, unsupported, so specified 3.7) virtualenv -p python3.7 venv source venv/bin/activate pip install scoutsuite python - v output is 3.7.8

Does this support Azure when configured with no subscriptions?

[x4v13r64]

It does not (currently). The only service not subscription-based is AAD, so I guess we could allow for running against no subscriptions though.

[fsacer]

how much work would it be to implement this quickly?

[x4v13r64]

It's a relatively simple logic change, but not something we plan on implementing in the short terms.

[x4v13r64]

The subscription validation is implemented here https://github.com/nccgroup/ScoutSuite/blob/master/ScoutSuite/providers/azure/facade/base.py#L78, not sure if it runs out of the box if subscriptions_list is empty.

[Frozeph]

Is there any other way to have Scout only run the AAD scans and ignore the lack of subs?