Last active
September 22, 2018 03:10
-
-
Save GuruCharan94/faba9ce4c64885d6697c2c0fd8bd91bc to your computer and use it in GitHub Desktop.
Getting Started with Secure Devops Kit for Azure
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Install-Module AzSK -Scope CurrentUser -AllowClobber -Force |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Param | |
| ( | |
| [Parameter(Mandatory=$true)] | |
| [string]$SubscriptionName, | |
| [string]$Location = "East US" | |
| ) | |
| $RgName = "AzSK-GettingStarted-RG" | |
| #The script requires Powershell 5 or higher. | |
| Import-Module AzSK | |
| # Log in to Azure | |
| Login-AzureRMAccount | |
| Set-AzureRmContext -Subscription $SubscriptionName | |
| #Create a resource group if it does not exist | |
| Get-AzureRmResourceGroup -Name $RgName -ErrorAction SilentlyContinue -ErrorVariable rgError | |
| if ($rgError) | |
| { | |
| New-AzureRmResourceGroup -Name $RgName -Location $Location | |
| } | |
| #Create a Log analytics Workspace if not exists | |
| $LogAnalyticsWorkspace = Get-AzureRmOperationalInsightsWorkspace -ResourceGroupName $RgName | Select -First 1 | |
| if ($LogAnalyticsWorkspace.Count -eq 0) | |
| { | |
| $WorkspaceName = "AZSK-log-analytics-" + (Get-Random -Maximum 99999) | |
| $LogAnalyticsWorkspace = New-AzureRmOperationalInsightsWorkspace ` | |
| -ResourceGroupName $RgName ` | |
| -Name $WorkspaceName ` | |
| -Location $Location ` | |
| -Sku "standalone" | |
| } | |
| #Get Subscription Id | |
| $SubscriptionId = Get-AzureRMSubscription ` | |
| | Where-Object Name -eq $SubscriptionName ` | |
| | Select-Object Id | |
| # Setup AzSK View in Log Anlaytics | |
| Install-AzSKOMSSolution -OMSSubscriptionId $SubscriptionId.Id ` | |
| -OMSResourceGroup $RgName ` | |
| -OMSWorkspaceId $LogAnalyticsWorkspace.CustomerId ` | |
| -DoNotOpenOutputFolder | |
| $LogAnalyticsKeys = Get-AzureRmOperationalInsightsWorkspaceSharedKeys -ResourceGroupName $RgName -Name $LogAnalyticsWorkspace.Name | |
| Set-AzSKOMSSettings -OMSWorkspaceID $LogAnalyticsWorkspace.CustomerId -OMSSharedKey $LogAnalyticsKeys.PrimarySharedKey |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Param | |
| ( | |
| [Parameter(Mandatory=$true)] | |
| [string]$SubscriptionName | |
| ) | |
| Import-Module AzSK | |
| Login-AzureRMAccount | |
| # Run this in a new Powershell Window after running previous script | |
| $SubscriptionId = Get-AzureRMSubscription ` | |
| | Where-Object Name -eq $SubscriptionName ` | |
| | Select-Object Id | |
| Set-AzSKUserPreference -OutputFolderPath (Get-Location).Path | |
| Get-AzSKSubscriptionSecurityStatus -SubscriptionId $SubscriptionId.Id -GeneratePDF Portrait -GenerateFixScript | |
| Get-AzSKAzureServicesSecurityStatus -SubscriptionId $SubscriptionId.Id -GeneratePDF Portrait -GenerateFixScript | |
| Set-AzSKUserPreference -ResetOutputFolderPath |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment