projectdiscovery · ehsandeep · Oct 17, 2025 · Oct 17, 2025
diff --git a/cloud/integrations.mdx b/cloud/integrations.mdx
@@ -48,7 +48,7 @@
  <Card title="Cloudflare" icon="cloudflare" href="#cloudflare">

  </Card>
  <Card title="Fastly" icon="bolt" href="#fastly">

  </Card>
  <Card title="DigitalOcean" icon="digital-ocean" href="#digitalocean">
@@ -192,7 +192,7 @@
  Click here to open the AWS integration configuration page in the ProjectDiscovery Cloud platform
 </Card>

 ProjectDiscovery's AWS integration allows the platform to automatically discover and monitor cloud assets across your AWS accounts. By connecting AWS to ProjectDiscovery, security teams and DevOps engineers gain continuous visibility into EC2 instances, S3 buckets, DNS records, and other resources without manual inventory. This integration leverages ProjectDiscovery's open-source **Cloudlist** engine to enumerate assets via AWS APIs. In short, it helps ensure no cloud asset goes unnoticed, enabling proactive security monitoring and easier management of your attack surface.

 <img
  src="/images/aws-integration.png"
@@ -204,7 +204,7 @@

 | Service                                               | Description                                   |
 | :---------------------------------------------------- | :-------------------------------------------- |
 | [EC2](https://aws.amazon.com/ec2/)                    | VM instances and their public IPs             |
 | [Route53](https://aws.amazon.com/route53/)            | DNS hosted zones and records                  |
 | [S3](https://aws.amazon.com/s3/)                      | Buckets (especially those public or with DNS) |
 | [Cloudfront](https://aws.amazon.com/cloudfront/)      | CDN distributions and their domains           |
@@ -212,8 +212,8 @@
 | [EKS](https://aws.amazon.com/eks/)                    | Kubernetes cluster endpoints                  |
 | [ELB](https://aws.amazon.com/elasticloadbalancing/)   | Load balancers (Classic ELB and ALB/NLB)      |
 | [ELBv2](https://aws.amazon.com/elasticloadbalancing/) | Load balancers (Classic ELB and ALB/NLB)      |
 | [Lambda](https://aws.amazon.com/lambda/)              | Serverless function endpoints                 |
 | [Lightsail](https://aws.amazon.com/lightsail/)        | Lightsail instances (simplified VPS)          |
 | [Apigateway](https://aws.amazon.com/api-gateway/)     | API endpoints deployed via Amazon API Gateway |

 By covering these services, ProjectDiscovery can map out a broad range of AWS assets in your account. (Support for additional services may be added over time.)
@@ -292,7 +292,7 @@
 - S3 - AmazonS3ReadOnlyAccess
 - Lambda - AWSLambda_ReadOnlyAccess
 - ELB - ElasticLoadBalancingReadOnly
 - Cloudfront - CloudFrontReadOnlyAccess

 Alternatively, you can use this custom policy for minimal permissions:

@@ -527,15 +527,32 @@
 Supported Azure Services:
 
 - Virtual Machines
+- Public IP Addresses  
+- Traffic Manager
+- Storage Accounts
+- Azure Kubernetes Service (AKS)
+- Content Delivery Network (CDN)
+- DNS Zones and Records
+- Application Gateway & Load Balancer
+- Container Instances
+- App Service & Web Apps
+- Azure Functions
+- API Management
+- Front Door
+- Container Apps
+- Static Web Apps
 
 **Azure Integration Method:**
 
-To connect ProjectDiscovery to your Azure account, you will need to create and configure an **App Registration** in Azure Active Directory. This process generates a Service Principal with the necessary credentials and permissions to monitor your cloud assets in a secure, read-only manner.
+ProjectDiscovery Cloud Platform uses Microsoft's modern **Track 2 SDK** for Azure integration, providing enhanced security, performance, and support for the latest Azure services. The integration supports **6 authentication methods** to accommodate various cloud deployment scenarios while maintaining 100% backward compatibility with existing configurations.
 
-The required credentials are:
+### Quick Setup Options
+
+**For most users (Service Principal method):**
+Create an App Registration in Azure Active Directory with the following required credentials:
 
 - Azure Tenant ID
-- Azure Subscription ID
+- Azure Subscription ID  
 - Azure Client ID
 - Azure Client Secret
 
@@ -556,7 +573,7 @@
 {
   "properties": {
     "roleName": "CloudList Reader",
-    "description": "Minimal permissions for CloudList to discover Azure resources (VMs, Public IPs, Traffic Manager)",
+    "description": "Minimal permissions for CloudList to discover Azure resources including VMs, Storage, AKS, CDN, DNS, and more",
     "assignableScopes": [
       "/subscriptions/<REPLACE_WITH_SUBSCRIPTION_ID>"
     ],
@@ -568,7 +585,22 @@
           "Microsoft.Compute/virtualMachines/read",
           "Microsoft.Network/networkInterfaces/read",
           "Microsoft.Network/publicIPAddresses/read",
-          "Microsoft.Network/trafficManagerProfiles/read"
+          "Microsoft.Network/trafficManagerProfiles/read",
+          "Microsoft.Storage/storageAccounts/read",
+          "Microsoft.ContainerService/managedClusters/read",
+          "Microsoft.Cdn/profiles/read",
+          "Microsoft.Cdn/profiles/endpoints/read",
+          "Microsoft.Network/dnszones/read",
+          "Microsoft.Network/dnszones/recordsets/read",
+          "Microsoft.Network/applicationGateways/read",
+          "Microsoft.Network/loadBalancers/read",
+          "Microsoft.ContainerInstance/containerGroups/read",
+          "Microsoft.Web/sites/read",
+          "Microsoft.Web/sites/functions/read",
+          "Microsoft.ApiManagement/service/read",
+          "Microsoft.Network/frontDoors/read",
+          "Microsoft.App/containerApps/read",
+          "Microsoft.Web/staticSites/read"
         ],
         "notActions": [],
         "dataActions": [],
@@ -581,28 +613,32 @@

   - If you only need specific services, you can further reduce actions. For example:
      - Virtual machines: `Microsoft.Compute/virtualMachines/read`, plus RG/subscription reads
      - Public IPs: `Microsoft.Network/publicIPAddresses/read`
      - Traffic Manager: `Microsoft.Network/trafficManagerProfiles/read`
+     - Storage Accounts: `Microsoft.Storage/storageAccounts/read`
+     - AKS Clusters: `Microsoft.ContainerService/managedClusters/read`
+     - CDN: `Microsoft.Cdn/profiles/read`, `Microsoft.Cdn/profiles/endpoints/read`
+     - DNS: `Microsoft.Network/dnszones/read`, `Microsoft.Network/dnszones/recordsets/read`
+     - App Services: `Microsoft.Web/sites/read`
+     - Functions: `Microsoft.Web/sites/functions/read`
+     - Container Apps: `Microsoft.App/containerApps/read`
    - After creating the role, assign it to the App Registration under Role assignments.
    - Alternatively, if creating custom roles is not feasible in your environment, you may assign the built-in **Reader** role to the App Registration. This provides broader read access across the subscription and may exceed least-privilege needs.
    - Note your **Subscription ID** from the subscription's overview page.
 4. **Connect:**
    - Enter the four collected credentials (Tenant ID, Client ID, Client Secret, and Subscription ID) into ProjectDiscovery Cloud Platform to configure the integration.
 
-To use CLI, follow the instructions mentioned in the references below.
-
 References:
 
-1. https://docs.microsoft.com/en-us/cli/azure/create-an-azure-service-principal-azure-cli
-2. https://docs.microsoft.com/en-us/cli/azure/ad/sp?view=azure-cli-latest#az_ad_sp_create_for_rbac
-3. https://docs.microsoft.com/en-us/cli/azure/authenticate-azure-cli
-4. https://learn.microsoft.com/en-us/azure/role-based-access-control/custom-roles-portal
+1. https://docs.microsoft.com/en-us/azure/active-directory/develop/howto-create-service-principal-portal
+2. https://learn.microsoft.com/en-us/azure/role-based-access-control/custom-roles-portal
+3. https://learn.microsoft.com/en-us/azure/active-directory/develop/app-objects-and-service-principals
 
 
 
 ### Alibaba Cloud

 <Card title="Configure Alibaba Cloud Integration" icon="cloud" color="#FF6A00" href="https://cloud.projectdiscovery.io/assets/configure?provider=alibaba">
  Click here to open the Alibaba Cloud integration configuration page in the ProjectDiscovery Cloud platform
 </Card>

@@ -613,13 +649,13 @@
  style={{ width:"62%" }}
 />

 Supported Alibaba Cloud Services:

 - ECS Instances

 **Alibaba Integration Method**

 This guide details the secure, best-practice method for connecting to Alibaba Cloud using a dedicated RAM user with read-only permissions.

 1. **Create a RAM User for API Access:**
   - Navigate to the **RAM (Resource Access Management) console**. [Ref](https://ram.console.aliyun.com/manage/ak)
@@ -637,11 +673,11 @@
   - Select the **System Policy** type.
   - Search for and select the `AliyunReadOnlyAccess` policy and click **OK**. This is the official, managed policy for read-only access to all cloud resources.
 4. **Find Your Region ID and Connect:**
   - Identify the **Region ID** for the resources you plan to monitor. You can find the official list in the Alibaba Cloud documentation here: [Regions and zones](https://www.alibabacloud.com/help/en/doc-detail/40654.htm) (This link lists the specific IDs required for API configuration).
   - Use the credentials you have collected to fill in the fields in ProjectDiscovery:
     - **Alibaba Region ID**: The target region, for example, `us-east-1`.
     - **Alibaba Access Key**: The AccessKey ID from Step 2.
     - **Alibaba Access Key Secret**: The AccessKey Secret from Step 2.
   - Enter a unique **Integration Name** and click **Verify**.

 References:
@@ -682,8 +718,8 @@
  - Clusters with public IP addresses
 </Note>

 1. **Prepare Base64-Encoded Kubeconfig**
   - Your kubeconfig file is typically located at:

     ```
     ~/.kube/config
@@ -693,11 +729,11 @@
     ```
     cat ~/.kube/config | base64
     ```
   - Paste the output into the **Kubeconfig** field in the UI.

     > ⚠️ Ensure the entire content is copied without extra whitespace.
 2. **Specify Context (Optional)**
   - If your kubeconfig has multiple contexts, find them with:

     ```
     kubectl config get-contexts
@@ -716,7 +752,7 @@

 If your Kubernetes integration fails, the most common cause is cluster accessibility:

 - **Internal Clusters**: Clusters only accessible within private networks (VPN, internal VPCs) cannot be reached by ProjectDiscovery
 - **Firewall Restrictions**: Ensure your cluster's API server and services are accessible from the internet
 - **Network Policies**: Check that network policies allow external access to required endpoints
 - **Load Balancer Configuration**: Verify that external load balancers are properly configured and accessible
@@ -770,7 +806,7 @@

 ### Fastly

 <Card title="Configure Fastly Integration" icon="bolt" color="#FF282D" href="https://cloud.projectdiscovery.io/assets/configure?provider=fastly">
  Click here to open the Fastly integration configuration page in the ProjectDiscovery Cloud platform
 </Card>

@@ -781,16 +817,16 @@
  style={{ width:"65%" }}
 />

 **Fastly Integration Method**

 - Go to Fastly [account settings](https://manage.fastly.com/account/personal).
 - Under **API**, click **Create API token** if you don’t already have one.
 - Copy the API Key.
 - Now enter API Key in ProjectDiscovery Cloud Platform.
 - Give a unique Integration name and click **Verify**.

  <Tip>
    Tip: In Fastly's documentation and interfaces, "API Key" and "API Token" refer to the same thing. You can use the terms interchangeably throughout this guide.
  </Tip>

 References:

diff --git a/opensource/cloudlist/providers.mdx b/opensource/cloudlist/providers.mdx
@@ -1,10 +1,10 @@
 ---
 title: Cloudlist Providers
 description: "Supported cloud providers"
 sidebarTitle: Providers
 ---

 This guide offers insights into each supported provider, enabling you to leverage Cloudlist's capabilities to their fullest extent for comprehensive asset visibility and control.

 ## Major Cloud Providers

@@ -221,45 +221,104 @@
 
 Supported Azure Services:
   - Virtual Machines
-
-**Example Config:**
-
-Microsoft Azure can be integrated by using the following configuration block.
-
+  - Public IP Addresses
+  - Traffic Manager Profiles
+  - Storage Accounts
+  - Azure Kubernetes Service (AKS)
+  - Content Delivery Network (CDN)
+  - DNS Zones and Records
+  - Application Gateway & Load Balancer
+  - Container Instances
+  - App Service & Web Apps
+  - Azure Functions
+  - API Management
+  - Front Door
+  - Container Apps
+  - Static Web Apps
+
+**Example Configurations:**
+
+Microsoft Azure integration supports multiple authentication methods via the modern Track 2 SDK. Here are examples for different scenarios:
+
+**1. Client Secret Authentication (Most Common):**
 ```yaml
-- provider: azure # provider is the name of the provider
-  # id is the name defined by user for filtering (optional)
-  id: staging
-  # client_id is the client ID of registered application of the azure account (not requuired if using cli auth)
+- provider: azure
+  id: production
   client_id: $AZURE_CLIENT_ID
-  # client_secret is the secret ID of registered application of the zure account (not requuired if using cli uth)
   client_secret: $AZURE_CLIENT_SECRET
-  # tenant_id is the tenant ID of registered application of the azure account (not requuired if using cli auth)
   tenant_id: $AZURE_TENANT_ID
-  #subscription_id is the azure subscription id
   subscription_id: $AZURE_SUBSCRIPTION_ID
-  #use_cli_auth if set to true cloudlist will use azure cli auth
+```
+
+**2. Azure CLI Authentication (Local Development):**
+```yaml
+- provider: azure
+  id: development
+  subscription_id: $AZURE_SUBSCRIPTION_ID
   use_cli_auth: true
 ```
 
-`tenant_id`, `client_id`, `client_secret` can be obtained/generated from   `All services` > `Azure Active Directory` > `App registrations`
-`subscription_id` can be retrieved from  `All services` > `Subscriptions`
+**3. Client Certificate Authentication (Enterprise Security):**
+```yaml
+- provider: azure
+  id: secure-env
+  client_id: $AZURE_CLIENT_ID
+  certificate_path: /path/to/certificate.pem
+  tenant_id: $AZURE_TENANT_ID
+  subscription_id: $AZURE_SUBSCRIPTION_ID
+```
+
+**4. Managed Identity (Azure VMs, App Services, AKS):**
+```yaml
+- provider: azure
+  id: azure-hosted
+  subscription_id: $AZURE_SUBSCRIPTION_ID
+  use_managed_identity: true
+```
+
+**5. Workload Identity (Kubernetes, GitHub Actions OIDC):**
+```yaml
+- provider: azure
+  id: k8s-workload
+  subscription_id: $AZURE_SUBSCRIPTION_ID
+  use_workload_identity: true
+```
+
+**6. Auto-Detection (DefaultAzureCredential):**
+```yaml
+- provider: azure
+  id: auto-detect
+  subscription_id: $AZURE_SUBSCRIPTION_ID
+  # No explicit auth method - automatically detects available credentials
+```
+
+**Authentication Setup:**
+
+- `tenant_id`, `client_id`, `client_secret` can be obtained/generated from `All services` > `Azure Active Directory` > `App registrations`
+- `subscription_id` can be retrieved from `All services` > `Subscriptions`
+- For CLI auth: set `use_cli_auth: true` and run `az login` in the terminal
+- For certificate auth: generate a certificate and register it with your App Registration
+- For managed/workload identity: ensure the identity has appropriate permissions on the subscription
 
-To use cli auth set `use_cli_auth` value to `true` and run `az login` in the terminal
+**Authentication Priority (when using auto-detection):**
+1. Environment Variables (AZURE_CLIENT_ID, AZURE_CLIENT_SECRET, AZURE_TENANT_ID)
+2. Workload Identity (Kubernetes service account tokens)
+3. Managed Identity (Azure VMs, App Services, AKS nodes)
+4. Azure CLI (az login session)
 
 References:
 1. https://docs.microsoft.com/en-us/cli/azure/create-an-azure-service-principal-azure-cli
 2. https://docs.microsoft.com/en-us/cli/azure/ad/sp?view=azure-cli-latest#az_ad_sp_create_for_rbac
 3. https://docs.microsoft.com/en-us/cli/azure/authenticate-azure-cli

 ### Alibaba Cloud

 Suppoted Alibaba Cloud Services:
  - ECS Instances

 **Example Config:**

 Alibaba Cloud can be integrated by using the following configuration block.

 ```yaml
 - provider: alibaba # provider is the name of the provider
@@ -273,7 +332,7 @@
  alibaba_access_key_secret: $ALIBABA_ACCESS_KEY_SECRET
 ```

 Alibaba Cloud Access Key ID and Secret can be created by visiting https://ram.console.aliyun.com/manage/ak

 References:
 1. https://www.alibabacloud.com/help/faq-detail/142101.htm
@@ -288,7 +347,7 @@

 **Example Config:**

 Digitalocean can be integrated by using the following configuration block.

 ```yaml
 - provider: do # provider is the name of the provider
@@ -298,19 +357,19 @@
  digitalocean_token: $DIGITALOCEAN_TOKEN
 ```

 `digitalocean_token` can be generated from the Digitalocean Control Panel. We recommend only giving Read Access to the token.

 References:
 1. https://www.digitalocean.com/docs/apis-clis/api/create-personal-access-token/

 ### SCW (Scaleway)

 Supported Scaleway Services:
  - Instances

 **Example Config:**

 Scaleway can be integrated by using the following configuration block.

 ```yaml
 - provider: scw # provider is the name of the provider
@@ -320,7 +379,7 @@
  scaleway_access_token: $SCALEWAY_ACCESS_TOKEN
 ```

 `scaleway_access_key` and `scaleway_access_token` can be generated from the Credentials Options in scaleway console.

 References - 
 1. https://www.scaleway.com/en/docs/generate-api-keys/
@@ -359,14 +418,14 @@
 References:
 1. https://devcenter.heroku.com/articles/platform-api-quickstart#authentication

 ### Linode

 Supported Linode Services:
  - Instances

 **Example Config:**

 Linode can be integrated by using the following configuration block.

 ```yaml
 - provider: linode # provider is the name of the provider
@@ -383,14 +442,14 @@

 ## CDN & DNS Management

 ### Fastly

 Supported Fastly Services:
  - Services

 **Example Config:**

 Fastly can be integrated by using the following configuration block.

 ```yaml
 - # provider is the name of the provider
@@ -407,14 +466,14 @@
 1. https://docs.fastly.com/en/guides/using-api-tokens#creating-api-tokens


 ### Namecheap

 Supported Namecheap Services:
  - Domain List

 **Example Config:**

 Namecheap can be integrated by using the following configuration block.

 ```yaml
 - provider: namecheap # provider is the name of the provider
@@ -426,9 +485,9 @@
  namecheap_user_name: $NAMECHEAP_USER_NAME
 ```

 Namecheap API Access can be enabled by visiting https://ap.www.namecheap.com/settings/opensource/apiaccess/ and then:
 - Toggle ON API Access switch
 - Add your public IP to Whitelistted IPs 


 References: 
@@ -455,19 +514,19 @@
  api_token: $CF_API_TOKEN
 ```

 `api_key` can be generated from Cloudflare API Key manager. It needs to be Global API Key due to limitation of cloudflare new API tokens.

 References: 
 1. https://developers.cloudflare.com/api/keys

 ### Hetzner Cloud

 Supported Hetzner Cloud Services:
  - Instances

 **Example Config:**

 Hetzner Cloud can be integrated by using the following configuration block.

 ```yaml
 - provider: hetzner # provider is the name of the provider
@@ -490,7 +549,7 @@

 **Example Config:**

 To integrate Kubernetes, utilize the configuration block outlined below. This block allows you to specify Kubernetes connection details either through a file path or directly by providing the encoded kubeconfig content. If both kubeconfig_file and kubeconfig_encoded are specified, the kubeconfig_encoded will take precedence.

 ```yaml
 - provider: kubernetes # provider is the name of the provider
@@ -508,13 +567,13 @@
 3. https://learn.microsoft.com/en-us/azure/aks/control-kubeconfig-access#get-and-verify-the-configuration-information
 4. https://cloud.google.com/kubernetes-engine/docs/how-to/cluster-access-for-kubectl#store_info

 ### Hashicorp Tools

 With Cloudlist you can get assets from nomad, consul and terraform. Cloudlist can query Nomad and Consul directly, and will use the Terraform state file to list Terraform created assets.

 #### Nomad

 Hashicorp Nomad can be integrated by using the following configuration block.

 **Example Config:**

@@ -541,7 +600,7 @@

 #### Consul

 Hashicorp Consul can be integrated by using the following configuration block.

 **Example Config:**


diff --git a/opensource/cloudlist/running.mdx b/opensource/cloudlist/running.mdx
@@ -1,10 +1,10 @@
 ---
 title: Running Cloudlist
 description: "Learn about running Cloudlist with examples and support details"
 sidebarTitle: Running
 ---

 For all of the flags and options available for `cloudlist` be sure to check out the [Usage](/opensource/cloudlist/usage) page. On this page you can find some examples with output, details of what 'cloudlist' supports, and details on configuration.

 <Note> If you have questions, reach out to us through [Help](/help). </Note>

@@ -55,7 +55,7 @@
 cloudlist -provider gcp -id organization -json | jq '.[] | select(.provider == "gcp")'
 ```

 ## Running cloudlist with Nuclei

 Scanning assets from various cloud providers with nuclei for security assessments:- 

@@ -118,16 +118,20 @@
 - provider: azure # provider is the name of the provider
   # id is the name defined by user for filtering (optional)
   id: staging
-  # client_id is the client ID of registered application of the azure account (not requuired if using cli auth)
+  # subscription_id is the azure subscription id (required)
+  subscription_id: $AZURE_SUBSCRIPTION_ID
+  # client_id is the client ID of registered application (optional - for service principal auth)
   client_id: $AZURE_CLIENT_ID
-  # client_secret is the secret ID of registered application of the zure account (not requuired if using cli uth)
+  # client_secret is the secret of registered application (optional - for service principal auth)
   client_secret: $AZURE_CLIENT_SECRET
-  # tenant_id is the tenant ID of registered application of the azure account (not requuired if using cli auth)
+  # tenant_id is the tenant ID (optional - for service principal auth)
   tenant_id: $AZURE_TENANT_ID
-  #subscription_id is the azure subscription id
-  subscription_id: $AZURE_SUBSCRIPTION_ID
-  #use_cli_auth if set to true cloudlist will use azure cli auth
+  # use_cli_auth: true enables Azure CLI authentication (optional)
   use_cli_auth: true
+  # Other supported auth methods:
+  # use_managed_identity: true    # For Azure VMs, App Services, AKS
+  # use_workload_identity: true   # For Kubernetes, GitHub Actions OIDC
+  # certificate_path: /path/cert  # For certificate-based authentication
 
 - provider: cloudflare # provider is the name of the provider
   # email is the email for cloudflare
@@ -237,7 +241,7 @@

 ```

 # Cloudlist as a library

 It's possible to use the library directly in your go programs. The following code snippets outline how to list assets from all or given cloud provider.