diff --git a/docs/en/enterprise-edition/content-collections/_graphics/connect/azure-authorize-prisma-cloud-1.png b/docs/en/enterprise-edition/content-collections/_graphics/connect/azure-authorize-prisma-cloud-1.png
new file mode 100644
index 0000000000..da4febf5da
Binary files /dev/null and b/docs/en/enterprise-edition/content-collections/_graphics/connect/azure-authorize-prisma-cloud-1.png differ
diff --git a/docs/en/enterprise-edition/content-collections/connect/connect-cloud-accounts/onboard-your-azure-account/authorize-prisma-cloud.adoc b/docs/en/enterprise-edition/content-collections/connect/connect-cloud-accounts/onboard-your-azure-account/authorize-prisma-cloud.adoc
index 8f9a3c3902..465253dfc9 100644
--- a/docs/en/enterprise-edition/content-collections/connect/connect-cloud-accounts/onboard-your-azure-account/authorize-prisma-cloud.adoc
+++ b/docs/en/enterprise-edition/content-collections/connect/connect-cloud-accounts/onboard-your-azure-account/authorize-prisma-cloud.adoc
@@ -88,6 +88,8 @@ In addition to the automated Terraform authorization method, you also have the o
 
 . In your Prisma Cloud console, in the Configure Account step, click *Download Terraform Script* to download the JSON files which contain the permissions. These permissions vary depending on whether your account is Commercial, Government, or in China.
 +
+image::connect/azure-authorize-prisma-cloud-1.png[]
++
 [NOTE]
 ====
 Microsoft recommends using a wildcard to configure NSG flow log permissions (Microsoft.Network/networkWatchers/queryFlowLogStatus/*), listed in the JSON files. Refer to https://docs.microsoft.com/en-us/azure/network-watcher/required-rbac-permissions#nsg-flow-logs[Microsoft documentation] for more details.