To import environment diagram data from Azure, you will need to access your Azure Portal at https://portal.azure.com , create a new Service Principle and retrieve a set of credentials for your account.
Open the Azure Portal and launch PowerShell from the top menu bar :
From the command line create a new Service Principal ( In this example we use "HavaServicePrincipal", but you can use any name )
$sp = New-AzADServicePrincipal -DisplayName HavaServicePrincipal
Then assign read only permissions to it.
New-AzRoleAssignment -ApplicationId $sp.ApplicationId -RoleDefinitionName "Reader"
Then decrypt the Secret Key ($password)
Decrypt the Password
$Ptr = [System.Runtime.InteropServices.Marshal]::SecureStringToCoTaskMemUnicode($sp.Secret)
$password = [System.Runtime.InteropServices.Marshal]::PtrToStringUni($Ptr)
You will now be able to retrieve the necessary credentials to plug into Hava.
You now have the credentials to login!
Now log in to Hava which will open up the environments screen. (Skip to Add environments)
If you do not have access to powershell, it is still possible to get your log in credentials, albeit a little more complex.
There are quite a few steps required to allow Hava to access your Azure resources using the Azure Portal.
To allow Hava to import your Azure account you will need to provide access by creating an Active Directory application and assigning read-only permissions to it. To create AD applications you will need admin access to the Azure account.
Using the search bar in the Azure interface, search for
Azure Active Directory
Click and open Azure Active Directory from the search results
App Registration from the left side menu within Azure Active Directory
+ New registration
Enter the following details to register the application.
This will step you through adding a role for the application at the subscription level; this will grant Hava access to read everything in your account but not make any changes. You can also apply the access to a specific resource group or groups, or even individual resources - Hava will only draw the resources you give it access to.
Using the top search bar, Search for
Click and open Subscriptions from the search results
Select the subscription you would like to assign access to by clicking it.
1. On the left menu click
Access control (IAM)
Add role assignment
4. Set role to
5. Select - Type in
Hava now select Hava from the search results, and this should now be added to
You will need four separate parameters to give Hava access to your account, first off is the subscription ID.
While still in the
1. Navigate to
2. Copy the
Subscription ID and paste into Hava.
Azure Active Directory
Open Azure Active Directory
App Registration from the side menu
Click and open
Hava from the app registration list.
Here you will find the
Application ID and
Tenant ID to copy and paste into Hava.
1. Application ID 2. Tenant ID
Click on Certificates & secrets
+ New client secret
HavaAccessKey or any other description you like.
Set Expires to
6. Copy and paste the
Secret Key into Hava
Select "Add Environments"
Click on the "Azure" Tab and enter the credentials you have just gathered from Azure.
Hava will import your Azure Environment, layout the diagram and add the environment tile to the Hava Environments screen. From this point Hava will sync with Azure every hour and log any structural changes, so you always have an accurate visual representation of your Azure Environment and a versioning audit trail of any changes made.
Hava visualises the important components of all the environments it supports. There are other attributes that are displayed when visualised elements are selected to keep the diagrams clean and readable.
Here is a list of imported Azure resources. Visualised resources will appear as a container or icon. Attributes will appear in the Attributes sidebar as elements are selected.
Local Network Gateway
Network Security Group
Virtual Machine Extension
Virtual Machine Scale Set
Virtual Network Gateway
Virtual Network Peering