Skip to main content

CollectorsCloud Collectors Administration Guide

Prerequisites to Configure the Wiz API Cloud Collector

Before you configure the Wiz API Cloud Collector you must complete the following prerequisites:

  • Ensure that you have the Administrative access to the Wiz portal.

  • Obtain the Client ID and Client Secret by contacting the Wiz support team.

  • Obtain the Base URL by accessing the Tenant section on the User Settings page of Wiz.

  • Create a sharable Wiz account.

Obtain the Client ID and Client Secret

Use the following steps to generate a client ID and the client secret by creating a service account in Wiz.

  1. Log in to the Wiz portal as and administrator.

  2. Navigate to Settings > Service Accounts > Add Service Account.

  3. Specify a name for the service account.

  4. In the Type list, select Custom Integration(GraphQL API).

  5. Select the project.

  6. In the API Scopes, select the read:issues permission.

  7. Click Add Service Account. For more information see, Add a Service Account.

  8. Record the Client ID and Client Secret displayed on the user interface to use it while configuring the cloud collector.

Obtain the Base URL

Use the following steps to obtain the Wiz API URL or the Base URL.

  1. Log in to your Wiz account.

  2. Navigate to User Profile > User Settings.

  3. In the left pane, click Tenant and record the API Endpoint URL that is displayed on the user interface.

Add Accounts for Wiz

To set up a sharable account for Wiz in Cloud Collectors:

  1. Log in to the Exabeam Security Operations Platform with your registered credentials as an administrator.

  2. Navigate to Collectors > Cloud Collectors.

  3. Click Accounts, then click New Account.

    Account1.png
  4. In the Add a New Account page, enter the required information.

    Wiz_Account.png
    • VENDOR – Select the vendor as Wiz.

    • NAME – Specify a name for the Wiz account.

    • CLIENT ID – Enter the client ID that you obtained while completing prerequisites.

    • CLIENT SECRET – Enter the client secret that you obtained while completing the prerequisites.

  5. Click Save.

  6. Proceed to configure Wiz (via API) Cloud Collector.

    When you onboard new collectors for Wiz (via API), you must select the Wiz account. You can reuse credentials between different Wiz (via API) cloud collectors.