# Microsoft Azure
P0's Azure integration is **Generally Available** and provides comprehensive access management for your Azure resources.
## Overview
This guide walks you through installing and configuring P0's Azure integrations:
* IAM Management for Just‑in‑Time (JIT) access
* SSH access for Azure Virtual Machines via Bastion
## Installation summary
Complete the following steps **in order**. Each step depends on the one before it.
{% hint style="info" %}
Steps 3 and 4 are only required if you need SSH access for Azure Virtual Machines. If you only need IAM management for JIT access, complete steps 1 and 2.
{% endhint %}
| Step | Page | Purpose | Depends on |
| ---- | ------------------------------------------------------------------------------------------------------------------------------- | -------------------------------------------------- | -------------------------- |
| 1 | [Azure app registration](/integrations/resource-integrations/microsoft-azure/azure-app-registration.md) | Create the service identity P0 uses in your tenant | — |
| 2 | [IAM management](/integrations/resource-integrations/microsoft-azure/iam-management.md) | Enable Just‑in‑Time access to Azure resources | App registration |
| 3 | [Configure bastion host integration](/integrations/resource-integrations/microsoft-azure/configure-bastion-host-integration.md) | Set up the Bastion host for secure SSH tunneling | IAM management |
| 4 | [Install SSH access](/integrations/resource-integrations/microsoft-azure/install-ssh-access.md) | Connect P0 to your Azure VMs for SSH access | Bastion host configuration |
{% hint style="warning" %}
These steps have strict dependencies. You cannot configure a Bastion host without first completing the app registration and IAM management, and you cannot install SSH access without first configuring a Bastion host.
{% endhint %}
## Before you begin
* Choose one Entra ID directory on which you want to install P0
* Choose at least one subscription on which to install P0.
* Make sure you have the ability to create new app registrations as well as new roles and role assignments. You can do this if you have the [Owner](https://learn.microsoft.com/en-us/azure/role-based-access-control/built-in-roles/privileged#owner) role attached to your user.
## Get started
Navigate to "Integrations" on [p0.app](https://p0.app), then select "Azure". You will be prompted to enter the ID of the [Entra Tenant](https://techcommunity.microsoft.com/blog/startupsatmicrosoftblog/demystifying-microsoft-entra-id-tenants-and-azure-subscriptions/4155261) you want to install P0 on.
Then proceed to [Step 1 — Azure app registration](/integrations/resource-integrations/microsoft-azure/azure-app-registration.md).
### IAM assessment (coming soon)
Support for IAM assessment is planned and will appear in the Azure integration when available.
---
# Agent Instructions: Querying This Documentation
If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.
Perform an HTTP GET request on the current page URL with the `ask` query parameter:
```
GET https://docs.p0.dev/integrations/resource-integrations/microsoft-azure.md?ask=
```
The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.
Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.