This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#Requires -PSEdition Core | |
[CmdletBinding()] | |
param ( | |
[Parameter(Mandatory = $false, HelpMessage = "Definitions folder path. Defaults to environment variable `$env:PAC_DEFINITIONS_FOLDER or './Definitions'.")] | |
[string]$definitionsRootFolder, | |
[Parameter(Mandatory = $false, HelpMessage = "Output Folder. Defaults to environment variable `$env:PAC_OUTPUT_FOLDER or './Outputs'.")] | |
[string] $outputFolder, |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# Microsoft Cloud Security Benchmark | |
Auto-generated Policy effect documentation across environments 'Production' sorted by Policy category and Policy display name. | |
## Table of contents | |
- [Environments](#environments) | |
- [Policy effects across environments](#policy-effects-across-environment) | |
## <a id="environments"></a>Environments |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#Requires -PSEdition Core | |
function Confirm-ObjectValueEqualityDeep { | |
[CmdletBinding()] | |
param( | |
$existingObj, | |
$definedObj | |
) | |
if ($definedObj -eq $existingObj) { |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#Requires -PSEdition Core | |
[CmdletBinding()] | |
param ( | |
[parameter(Mandatory = $false, HelpMessage = "Defines which Policy as Code (PAC) environment we are using, if omitted, the script prompts for a value. The values are read from `$DefinitionsRootFolder/global-settings.jsonc.", Position = 0)] | |
[string] $PacEnvironmentSelector, | |
[Parameter(Mandatory = $false, HelpMessage = "Definitions folder path. Defaults to environment variable `$env:PAC_DEFINITIONS_FOLDER or './Definitions'.")] | |
[string]$definitionsRootFolder, |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
securityresources | |
| where type == "microsoft.security/assessments" | |
| where * contains "Machines should have vulnerability findings resolved" | |
| summarize by assessmentKey=name //the ID of the assessment | |
| join kind=inner ( | |
securityresources | |
| where type == "microsoft.security/assessments/subassessments" | |
| extend assessmentKey = extract(".*assessments/(.+?)/.*",1, id) | |
) on assessmentKey | |
| project assessmentKey, subassessmentKey=name, id, parse_json(properties), resourceGroup, subscriptionId, tenantId |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
{ | |
"version": "Notebook/1.0", | |
"items": [ | |
{ | |
"type": 1, | |
"content": { | |
"json": "## Azure WAF Cost Assessment Workbook\r\n### Change Log\r\n\r\n|Version|Date|Description|\r\n|---|---|---|\r\n|v1.1.1| 20/09/2021 | Initial Release\r\n|v1.1.2| 25/09/2021 | Sort resource groups and tags filter alphabetically\r\n|v1.1.3| 03/10/2021 |-Added export button to applicable queries<br>-Remove developer and express from SQL VMs query<br>-Fixed typo in overview tab notes<br>-Linux AHUB-filter RedHat and Suse only<br>-Added changelog\r\n|v1.1.4| 20/10/2021 | -Fixed bug in performance tab NIC drop down <br>-Added subscription filter to performance tab<br>-Added TimeRange parameter<br>-Added search filter field for the Resources tagged tile in the ResourceDetails group under Performance tab<br>-Fixed issue in VMs performance query<br>Simplified WebApps and AKS queries to avoid throttling\r\n|v1.1.5| 01/11/2021 | -Fixed Tag filter parameters to avoid empty tags in queries <br> -Fixed tag queries for perfo |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
$subject = "/subscriptions//resourceGroups/ea-arc/providers/Microsoft.Network/networkSecurityGroups/tst_nsg/securityRules/AllowAnyCustom8080Inbound" | |
function Test-IPRange { | |
Param($IPRange, $AllowedIP) | |
$passCount = 0 | |
foreach ($range in $IPRange) { | |
if ($range -match "/") { | |
} | |
elseif ($range -eq $AllowedIP) { | |
$passCount ++ |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
{ | |
"name": "2d9de0b5-8e26-40ae-92e5-c06f41f8167a", | |
"properties": { | |
"displayName": "Deploy NSG Event Grid", | |
"policyType": "Custom", | |
"mode": "All", | |
"metadata": { | |
"category": "Monitoring" | |
}, | |
"parameters": { |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
{ | |
"properties": { | |
"name": "AE-EnforceEventGrid", | |
"displayName": "AE - Enforce Event Grid", | |
"description": "Enforces an Event Grid Topic & Subscription on the AE storage accounts where NSG Logs are pushed with the Azure function as the subscription's endpoint.", | |
"policyType": "Custom", | |
"mode": "All", | |
"parameters": { | |
"functionId": { | |
"type": "String" |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
advisorresources | |
| where type == "microsoft.advisor/recommendations" | |
| where tostring (properties.category) has "Cost" | |
| where properties.impactedField has "Compute" or properties.impactedField has "Container" or properties.impactedField has "Web" | |
| project AffectedResource=tostring(properties.resourceMetadata.resourceId),Impact=properties.impact,resourceGroup,AdditionaInfo=properties.extendedProperties,subscriptionId,Recommendation=tostring(properties.shortDescription.problem) | |
| extend annualSavingsAmount = AdditionaInfo.annualSavingsAmount | |
| extend currentSku = AdditionaInfo.currentSku | |
| extend targetSku = AdditionaInfo.targetSku | |
| extend vmName = split(AffectedResource,"/")[-1] | |
| project-away Recommendation, AdditionaInfo, subscriptionId,AffectedResource |
NewerOlder