Wiz helps organizations rapidly identify and remove the most critical risks in AWS, Azure, GCP, and Kubernetes, so they can build faster and more securely.
To create the connection you need:
The Wiz Integration API has a single endpoint: https://api.<region>.app.wiz.io/graphql.
The region defines where the tenant resides, e.g. us1, us2, eu1, or eu2.
In your Wiz console, go to User Settings.
Navigate to Tenant and Copy your API Endpoint URL.
In your Wiz console, go to Settings > Service Accounts.
Click Add Service Account.
Fill in the parameters:
Name the account.
(Optional) Select specific Projects to limit the new service account’s access.
Select the scopes you wish to grant the new service account. We recommend assigning the following scopes, which suffice for all out-of-the-box Blink actions:
read:issues
read:users
read:reports
create:reports
Click Add Service Account.
Copy the Client ID and Secret, and save them in a secure place.
Click Finish.
Go to Settings > Service Account.
The token URL is near the top of the screen.
Copy your API Endpoint URL.
Token URL endpoints:
IdP | Endpoint | Endpoint for gov tenants |
---|---|---|
Amazon Cognito | https://auth.app.wiz.io/oauth/token | https://auth.gov.wiz.io/oauth/token |
Auth0 | https://auth.wiz.io/oauth/token | https://auth0.gov.wiz.io/oauth/token |
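Before a service account's Client ID and Secret are sent anywhere, it is worth checking that the copied URLs really match the forms documented above. The following is an added example, not Blink or Wiz code: it validates the API endpoint against the api.<region>.app.wiz.io form, accepts only the four token URLs from the table, and builds the token request without sending it. It assumes the OAuth 2.0 client-credentials grant and an audience value taken from Wiz's documentation (this page does not state one); the function names and sample values are hypothetical.

```python
import re
from urllib.parse import urlencode, urlsplit
from urllib.request import Request

# Token URLs exactly as listed in the table on this page.
TOKEN_URLS = {
    "https://auth.app.wiz.io/oauth/token": "Amazon Cognito",
    "https://auth.gov.wiz.io/oauth/token": "Amazon Cognito (gov)",
    "https://auth.wiz.io/oauth/token": "Auth0",
    "https://auth0.gov.wiz.io/oauth/token": "Auth0 (gov)",
}
# Host form given on this page: api.<region>.app.wiz.io
API_HOST = re.compile(r"api\.([a-z0-9]+)\.app\.wiz\.io")


def api_region(url):
    """Return <region> if url is https://api.<region>.app.wiz.io/graphql, else raise."""
    parts = urlsplit(url)
    # Match the whole netloc so userinfo ("host@other") or a port is rejected.
    host = API_HOST.fullmatch(parts.netloc)
    well_formed = parts.scheme == "https" and parts.path == "/graphql"
    if not (host and well_formed) or parts.query or parts.fragment:
        raise ValueError(f"not a Wiz API endpoint: {url!r}")
    return host.group(1)


def token_request(token_url, client_id, client_secret, audience):
    """Build (but do not send) the token request for a service account.

    Assumptions: the OAuth 2.0 client-credentials grant, and an `audience`
    value supplied by the caller from Wiz's own documentation.
    """
    if token_url not in TOKEN_URLS:
        raise ValueError(f"token URL is not in the documented list: {token_url!r}")
    body = urlencode({
        "grant_type": "client_credentials",
        "client_id": client_id,
        "client_secret": client_secret,
        "audience": audience,
    }).encode()
    return Request(token_url, data=body, method="POST",
                   headers={"Content-Type": "application/x-www-form-urlencoded"})


if __name__ == "__main__":
    # Constructed sample values, not real credentials.
    print(api_region("https://api.us1.app.wiz.io/graphql"))
    req = token_request("https://auth.app.wiz.io/oauth/token",
                        "EXAMPLE_CLIENT_ID", "EXAMPLE_SECRET", "EXAMPLE_AUDIENCE")
    print(req.get_method(), req.full_url, TOKEN_URLS[req.full_url])
```

Matching the full URL rather than a substring is what rejects look-alike hosts such as api.us1.app.wiz.io.example.com.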
In the Blink platform, navigate to the Connections page > Add connection. A New Connection dialog box opens, displaying icons of the available external service providers.
Select the Wiz icon. A dialog box with the name of the connection and the connection methods appears.
(Optional) Edit the name of the connection. You cannot edit the name at a later stage.
Select Service Account as the method to create the connection.
Fill in the parameters:
(Optional) Click Test Connection to test it.
Click Create connection. The new connection appears on the Connections page.