Skip to content

Instantly share code, notes, and snippets.

Avatar
💯
Back on DSC

Daniel Scott-Raynsford PlagueHO

💯
Back on DSC
View GitHub Profile
@PlagueHO
PlagueHO / Get-AzLogAnalyticsWorkspaceSource.ps1
Created Jul 28, 2021
PowerShell function that looks for Azure resources and services that send data to Log Analytics workspaces. Use this to assess the usage of Azure Log Analytics workspaces across a tenant.
View Get-AzLogAnalyticsWorkspaceSource.ps1
#Requires -Modules @{ ModuleName = 'Az.Accounts'; ModuleVersion = '2.5.1' }
#Requires -Modules @{ ModuleName = 'Az.Resources'; ModuleVersion = '4.2.0' }
#Requires -Modules @{ ModuleName = 'Az.Compute'; ModuleVersion = '4.15.0' }
#Requires -Modules @{ ModuleName = 'Az.OperationalInsights'; ModuleVersion = '2.3.0' }
#Requires -Modules @{ ModuleName = 'Az.Aks'; ModuleVersion = '2.2.0' }
<#
.SYNOPSIS
Returns an array Azure Log Analytics workspaces and the resources
that send data to them.
@PlagueHO
PlagueHO / azuredeploy.json
Created Feb 24, 2021
ARM Template for Deploying Azure Database for PostgreSQL with read-only replica and no public network access.
View azuredeploy.json
{
"$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#",
"contentVersion": "1.0.0.0",
"parameters": {
"serverName": {
"type": "string",
"metadata": {
"description": "Server Name for Azure database for PostgreSQL"
}
},
@PlagueHO
PlagueHO / CreateAzureDevOpsAgentPoolVMSS.sh
Created Jan 26, 2021
Create an Azure DevOps Agent Pool VMSS
View CreateAzureDevOpsAgentPoolVMSS.sh
az vmss create \
--name dsragentspool \
--resource-group dsr-azuredevops-rg \
--image UbuntuLTS \
--vm-sku Standard_DS2_v2 \
--storage-sku Standard_LRS \
--authentication-type SSH \
--instance-count 2 \
--disable-overprovision \
--upgrade-policy-mode manual \
@PlagueHO
PlagueHO / azure-pipelines.yml
Created Jan 24, 2021
Azure DevOps Multi-Stage YAML Pipeline triggered off Main Branch with access to Secrets & Service Connections and using Environments
View azure-pipelines.yml
trigger:
branches:
include:
- 'main'
pr: none
stages:
- stage: Build
jobs:
- template: templates/build.yml
@PlagueHO
PlagueHO / azure-pipelines.yml
Created Jan 24, 2021
Example Azure DevOps Multi-Stage YAML Pipeline triggered off malicious branch
View azure-pipelines.yml
trigger:
branches:
include:
- 'main'
- 'malicious-change'
pr: none
stages:
- stage: Build
jobs:
@PlagueHO
PlagueHO / azure-pipelines.yml
Last active Jan 24, 2021
Azure DevOps Multi-Stage YAML Pipeline triggered off Main Branch with access to Secrets & Service Connections
View azure-pipelines.yml
trigger:
branches:
include:
- 'main'
pr: none
stages:
- stage: Build
jobs:
- template: templates/build.yml
@PlagueHO
PlagueHO / Invoke-AzContainerGroupCommand.ps1
Created Oct 26, 2020
Execute a command on an Azure Container Instance and return a terminal
View Invoke-AzContainerGroupCommand.ps1
$SubscriptionId = '<subscription id>'
$ResourceGroupName = 'my-container-rg'
$AciName = 'my-container-aci'
$resourceId = "/subscriptions/$($SubscriptionId)/resourceGroups/$($ResourceGroupName)/providers/Microsoft.ContainerInstance/containerGroups/$($AciName)/containers/$($AciName)"
$command = "/zap/zap-baseline.py -t 'https://myapplication.net' -x OWASP-ZAP-Report.xml"
Invoke-AzResourceAction `
-ResourceId $resourceId `
-Action 'exec' `
-ApiVersion '2019-12-01' `
@PlagueHO
PlagueHO / Invoke-AzureArcLinuxCustomScriptExtensionsArmDeployment.ps1
Created Aug 23, 2020
PowerShell Command to deploy Azure Arc Custom Script Extensions using ARM Template
View Invoke-AzureArcLinuxCustomScriptExtensionsArmDeployment.ps1
New-AzResourceGroupDeployment `
-ResourceGroupName '<NAME OF RESOURCE GROUP CONTAINING ARC MACHINES>' `
-TemplateFile ~/AzureArcLinuxCustomScriptExtensions.json `
-TemplateParameterObject @{
MachineName = '<NAME OF AZURE ARC MACHINE>'
Location = '<LOCATION OF AZURE ARM MACHINE>'
WorkspaceId = '<WORKSPACE ID OF LOG ANALYTICS WORKSPACE>'
WorkspaceKey = '<WORKSPACE KEY OF LOG ANALYTICS WORKSPACE>'
}
@PlagueHO
PlagueHO / Download-AzureArcLinuxCustomScriptExtensionsArm.ps1
Created Aug 23, 2020
PowerShell script to download Azure ARM Template to enable Azure Monitor Log Analytics Container Monitoring on a Linux Docker host in Azure Arc managed machines using the custom script extension
View Download-AzureArcLinuxCustomScriptExtensionsArm.ps1
Invoke-WebRequest -Uri https://gist.githubusercontent.com/PlagueHO/c3f09056cace496dded18da8bc1ed589/raw/AzureArcLinuxCustomScriptExtensions.json -OutFile ~\AzureArcLinuxCustomScriptExtensions.json
@PlagueHO
PlagueHO / AzureArcLinuxCustomScriptExtensions.json
Created Aug 23, 2020
Azure ARM Template to enable Azure Monitor Log Analytics Container Monitoring on a Linux Docker host in Azure Arc managed machines
View AzureArcLinuxCustomScriptExtensions.json
{
"$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#",
"contentVersion": "1.0.0.0",
"parameters": {
"MachineName": {
"type": "String"
},
"Location": {
"type": "String"
},