Last active
January 12, 2017 10:51
-
-
Save dazfuller/32daeaad1af88098b658ee816b0688c8 to your computer and use it in GitHub Desktop.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
<# | |
.DESCRIPTION | |
A runbook which finds storage accounts without encryption services enabled and | |
enables them | |
.NOTES | |
AUTHOR: @dazfuller | |
LASTEDIT: Jan 11, 2017 | |
#> | |
workflow EnableStorageAccountEncryption | |
{ | |
$connectionName = "AzureRunAsConnection" | |
try | |
{ | |
$servicePrincipalConnection = Get-AutomationConnection -Name $connectionName | |
"Logging into Azure..." | |
Login-AzureRmAccount ` | |
-ServicePrincipal ` | |
-TenantId $servicePrincipalConnection.TenantId ` | |
-ApplicationId $servicePrincipalConnection.ApplicationId ` | |
-CertificateThumbprint $servicePrincipalConnection.CertificateThumbprint | |
} | |
catch | |
{ | |
if (!$servicePrincipalConnection) | |
{ | |
$errorMessage = "Connection $connectionName not found." | |
throw $errorMessage | |
} | |
else | |
{ | |
Write-Error -Message $_.Exception | |
throw $_.Exception | |
} | |
} | |
# Get resource groups | |
$resourceGroups = Get-AzureRmResourceGroup | |
ForEach -Parallel ($resourceGroup in $resourceGroups) | |
{ | |
# Get storage accounts for the resource group | |
$storageAccounts = Get-AzureRmStorageAccount -ResourceGroupName $resourceGroup.ResourceGroupName | |
ForEach ($storageAccount in $storageAccounts) | |
{ | |
# If the storage account does not have encryption services enabled then enable them | |
if ($storageAccount.Encryption -eq $null) | |
{ | |
Write-Output "Enabling encryption services for $($storageAccount.Id)" | |
Set-AzureRmStorageAccount -Name $storageAccount.StorageAccountName -ResourceGroupName $resourceGroup.ResourceGroupName -EnableEncryptionService Blob | |
} | |
} | |
} | |
} |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment