I hereby claim:
- I am rcabr on github.
- I am rcabr (https://keybase.io/rcabr) on keybase.
- I have a public key ASAf5DroJ22Q0-O9RC4mJ7uJxGbHfwiggg2VQIW8ZfOVYQo
To claim this, I am signing this object:
I hereby claim:
To claim this, I am signing this object:
// Problem: | |
// Use the DocumentDB REST API from Pentaho DI (Spoon) | |
// Produce an authorization header for the request | |
// | |
// Solution: | |
// 1. Read this document https://docs.microsoft.com/en-us/rest/api/documentdb/access-control-on-documentdb-resources | |
// 2. Assuming you have serialized your record to JSON and wish to publish it via a REST Client step | |
// 3. Add a "Modified Java Script Value" step to your Pentaho Transformation with the following body. | |
//Input |
# Assigns all resource policies in the current folder to the specified resource group. | |
[CmdletBinding()] | |
Param( | |
[Parameter(Mandatory=$True)] | |
[string]$ResourceGroupName | |
) | |
# get subscription or ask user to log in | |
$subscription = Get-AzureRmSubscription; |
# Assumes the Azure RM context is already set (logged in, subscription selected). | |
# Returns a list of Resource Group Names and the Earliest Timestamp (from deployment activity) for each. | |
((Get-AzureRmResourceGroup | Select-Object ResourceGroupName) | Get-AzureRmResourceGroupDeployment)` | |
| Select-Object ResourceGroupName, @{Name="Created"; Expression = {$_.Timestamp}} ` | |
| Sort-Object ResourceGroupName, Created ` | |
| Group-Object ResourceGroupName ` | |
| Select-Object Name, @{Name="EarliestTimestamp"; Expression={` | |
$_.Group.Created | Measure-Object -Minimum | Select-Object -ExpandProperty Minimum ` | |
}} |
$days = 7 | |
$pointInTime = [DateTime]::Now.AddDays(-$days); | |
$horizon = $pointInTime.AddDays(-$days); | |
"===Removing resource groups created between $horizon and $pointInTime===" | |
# Get potential log entries | |
$logs = @() | |
$logs += Get-AzureRmLog -StartTime $horizon -EndTime $pointInTime -Status "Succeeded" -ResourceProvider "Microsoft.Resources" -WarningAction "SilentlyContinue" ` | |
| Select-Object ResourceGroupName, ResourceId, @{Name="EventNameValue"; Expression={$_.EventName.Value}}, @{Name="OperationNameValue"; Expression={$_.OperationName.Value}}, EventTimestamp, @{Name="HttpVerb"; Expression={$_.HttpRequest.Method}} ` |
# | |
# Assigns the specified initiative to the currently selected subscription | |
# | |
[CmdletBinding()] | |
Param( | |
[Parameter(Mandatory=$true, HelpMessage="The name of the initiative to assign. Example: 'Data Classification'")] | |
[string]$InitiativeName | |
) | |
Get-AzureRmContext # print out current context to inform operator |
<# | |
.Synopsis | |
Gets all current policy violations for the specified policies, | |
gets the owning e-mail group by examining the managedBy tag (walks up from resource to resource group to subscription), | |
gets the last people who touched the resource (by examining audit events in the past 90 days), | |
and either: | |
- sends an e-mail to each user with their resources and violations | |
- sends the full list to a default e-mail address. | |
.Description |
<# | |
.SYNOPSIS | |
Create a Mermaid diagram (https://mermaidjs.github.io/) | |
that reflects the Azure management group and subscription hierarchy. | |
.DESCRIPTION | |
This script assumes prerequisites: | |
1) The Az module is installed (https://docs.microsoft.com/en-us/powershell/azure/new-azureps-module-az) | |
2) Azure sign-in is completed (Connect-AzAccount) | |
3) The signed-in user has the required permissions to enumerate the management groups and subscriptions |
<# | |
.Synopsis | |
Scans for Azure SQL servers missing our IP addresses in their firewalls and sends a report by e-mail. | |
.Description | |
Intended for use from an Azure Automation account. | |
.NOTES | |
AUTHOR: rcabr | |
LASTEDIT: 2019-06-04 |