This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
{ | |
"$schema": "https://schema.management.azure.com/schemas/2018-05-01/subscriptionDeploymentTemplate.json#", | |
"contentVersion": "1.0.0.0", | |
"parameters": {}, | |
"resources": [ | |
{ | |
"type": "Microsoft.Authorization/policyDefinitions", | |
"apiVersion": "2019-06-01", | |
"name": "keyvaultDiag", | |
"properties": { |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
{ | |
"$schema": "https://schema.management.azure.com/schemas/2019-08-01/tenantDeploymentTemplate.json#", | |
"contentVersion": "1.0.0.0", | |
"parameters": { | |
"logAnalyticsResourceId": { | |
"type": "string", | |
"metadata": { | |
"description": "Provide the resourceId to your Log Analytics workspace that will receive the AAD auding/sign-in logs." | |
} | |
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
{ | |
"$schema": "https://schema.management.azure.com/schemas/2018-05-01/subscriptionDeploymentTemplate.json#", | |
"contentVersion": "1.0.0.0", | |
"parameters": { | |
"sharedServicesRgName": { | |
"type": "string", | |
"metadata": { | |
"description": "Provide name for the shared services resource group" | |
} | |
}, |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
{ | |
"$schema": "https://schema.management.azure.com/schemas/2019-08-01/tenantDeploymentTemplate.json#", | |
"contentVersion": "1.0.0.0", | |
"parameters": { | |
"policyDefinitionId": { | |
"type": "string" | |
}, | |
"policyAssignmentId": { | |
"type": "string" | |
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
{ | |
"$schema": "https://schema.management.azure.com/schemas/2019-08-01/managementGroupDeploymentTemplate.json#", | |
"contentVersion": "1.0.0.0", | |
"parameters":{}, | |
"resources":[], | |
"outputs": { | |
"policyDefinitionTemplate": { | |
"value": "[reference('/subscriptions/4d6a661f-2192-5ef8-a377-ae79beb54f3c/providers/Microsoft.Authorization/policyDefinitions/614c4ec0-be43-4dd5-bd50-b21e570c4abb', '2018-05-01').policyRule.then.details.deployment.properties.template]", | |
"type": "object" | |
}, |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
{ | |
"$schema": "https://schema.management.azure.com/schemas/2019-08-01/managementGroupDeploymentTemplate.json#", | |
"contentVersion": "1.0.0.0", | |
"parameters":{}, | |
"resources":[], | |
"outputs": { | |
"policyDefinitionTemplate": { | |
"value": "[reference('/subscriptions/4d6a661f-2192-5ef8-a377-ae79beb54f3c/providers/Microsoft.Authorization/policyDefinitions/09612efe-434f-4555-bd46-4ca7dcc4c709', '2018-05-01').policyRule.then.details.deployment.properties.template]", | |
"type": "object" | |
}, |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
{ | |
"properties": { | |
"displayName": "Deploys Activity Logs to Log Analytics", | |
"policyType": "Custom", | |
"mode": "All", | |
"description": "Ensures that Activity Log Diagnostics settings are set to push logs into Log Analytics", | |
"parameters": { | |
"logAnalytics": { | |
"type": "String", | |
"metadata": { |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
{ | |
"properties": { | |
"displayName": "Deploy Azure Log Analytics if not exist on subscription", | |
"mode": "All", | |
"policyType": "Custom", | |
"parameters": { | |
"workspaceName": { | |
"type": "string", | |
"metadata": { | |
"description": "Provide suffix for Log Analytics workspace that will be created per subscription" |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
function Get-AzMgHierarchy { | |
[cmdletbinding()] | |
param ( | |
[string]$mgGroupId | |
) | |
# Getting Azure connection context for the signed in user | |
$currentContext = Get-AzContext | |
# fetching new token |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# Query Tenant Activity Log for the last 10 days | |
$GetDate = (Get-Date).AddDays((-10)) | |
$dateFormatForQuery = $GetDate.ToUniversalTime().ToString("yyyy-MM-ddTHH:mm:ssZ") | |
# Getting Azure context for the API call | |
$currentContext = Get-AzContext | |
# fetching new token |