Skip to main content

Wiz Wiz

Wiz is used to rapidly identify and remove the most critical risks in AWS, Azure, GCP, and Kubernetes, so they can build faster and more securely.

Creating a Wiz connection

To create the connection you need:

Obtaining the credentials

API Address

The Wiz Integration API has a single endpoint https://api.<region>.app.wiz.io/graphql.

The region defines where the tenant resides, e.g. us1, us2, eu1, or eu2.

  1. In your Wiz console, go to User Settings.

    User Settings

  2. Navigate to Tenant and Copy your API Endpoint URL.

    Tenant

Client ID and Secret

  1. In your Wiz console, go to Settings > Service Accounts.

    https://files.readme.io/0be839a-service_accounts.png

  2. Click Add Service Account.

    https://files.readme.io/c278bd7-new-service-account.PNG

  3. Fill in the parameters:

    • Name the account.
    • (Optional) Select specific Projects to limit the new service account's access.
    • Select the scopes you wish to grant the new service account. We recommend assigning the scopes which will suffice for all of Blink's out-of-the-box actions:
      • read:issues
      • read:users
      • read:reports
      • create:reports

  4. Click Add Service Account.

    https://files.readme.io/20a303c-copy_secret_credentials.png

  5. Copy the Client ID and Secret, and save in a secure place.

  6. Click Finish.

Token URL

  1. Go to Settings > Service Account.

  2. The token URL is near the top of the screen.

    Token URL Endpoint

  3. Copy your API Endpoint URL.

  4. Token URL endpoints:

IdpEndpointEndpoint for gov tenants
Amazon Cognitohttps://auth.app.wiz.io/oauth/tokenhttps://auth.gov.wiz.io/oauth/token
Auth0https://auth.wiz.io/oauth/tokenhttps://auth0.gov.wiz.io/oauth/token

Creating your connection

  1. In the Blink platform, navigate to the Connections page > Add connection. A New Connection dialog box opens displaying icons of external service providers available.
  2. Select the Wiz icon. A dialog box with name of the connection and connection methods appears.
  3. (Optional) Edit the name of the connection. At a later stage you cannot edit the name.
  4. Select Service Account as the method to create the connection.
  5. Fill in the parameters:
    • The API address
    • The client ID
    • The client secret
    • The Token URL
  6. (Optional) Click Test Connection to test it.
  7. Click Create connection. The new connection appears on the Connections page.