```powershell
# Azure runbook running under an automation account.
#Requires -Modules MSOnline
Import-Module -Name MSOnline
$creds = Get-AutomationPSCredential -Name 'AzureADConnectSyncAccount'
Connect-MsolService -Credential $creds
<#
.SYNOPSIS
```

```powershell
# Find installed software via registry
Get-ChildItem -Path HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ | Get-ItemProperty |
    Select-Object DisplayName, UninstallString | Format-List
Get-ChildItem -Path HKLM:\SOFTWARE\Wow6432node\Microsoft\Windows\CurrentVersion\Uninstall | Get-ItemProperty |
    Select-Object DisplayName, UninstallString | Format-List
# Chocolatey - check Chocolatey is installed and then list installed packages
if($env:Path -like '*chocolatey*') {
```

```powershell
# Get EC2 basic details along with the name of the ami the instance was created from (where this is available).
# Need appropriate permissions to read EC2 details
$ec2List = Get-EC2Instance -Filter @{'name'='instance-state-name';'values'='running'}
# Remove TeamCity Agents - not needed.
$noAgentList = $ec2List.Instances | Where-Object {($_ | Select-Object -ExpandProperty tags | Where-Object -Property Key -eq Name ).value -notlike "TeamCityAgent*"}
$ec2DetailsList = $noAgentList | ForEach-Object {
```

```powershell
# Create an IAM profile with the policy that allows the EC2 agent to access the correct resources for cloudwatch monitoring.
# https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/create-iam-roles-for-cloudwatch-agent-commandline.html
$InstanceProfileName = 'CloudWatchAgentServerRole'
$RoleName = 'CloudWatchAgentServerRole'
$RoleDescription = 'AWS EC2 Instance Agent role. Allow access to cloudwatch to put logs for monitoring'
# trust policy for the EC2 service
$TrustPolicy = @'
{
```

```powershell
<#
.SYNOPSIS
    Create an AWS multiregion CloudTrail and S3 bucket logging all data events for S3 and lambda services.
.DESCRIPTION
    This script creates an S3 bucket with public access blocked for CloudTrail logs.
    The CloudTrail created is a multiregion trail that logs all data events for S3 and Lambda.
    An IAM user or role is required to have permissions to create a CloudTrail and S3 bucket.
.NOTES
    Requires the AWS PowerShell module: https://aws.amazon.com/powershell/
    Install-Module -Name AWSPowerShell -Scope CurrentUser
```

```powershell
# Gets all the AD users under the users OU and sorts them by length of UserPrincipalName.
$upnList = (Get-ADUser -Filter * -Properties userprincipalname -SearchBase 'OU=Users,DC=matthewdavis111,DC=com').userprincipalname
$upnDetails = foreach($upn in $upnList){
    [pscustomobject]@{
        'Name' = $upn
        'Count' = $upn.ToCharArray().count
    }
}
```

```json
{
  "variables": {
    "subscription_id": "{{env `ARM_SUBSCRIPTION_ID`}}",
    "managed_image_name": "{{env `MANAGED_IMAGE_NAME`}}",
    "resource_group_name": "{{env `RESOURCE_GROUP_NAME`}}"
  },
  "builders": [
    {
      "type": "azure-arm",
      "subscription_id": "{{user `subscription_id`}}",
```

```json
{
  "variables": {
    "client_id": "{{env `ARM_CLIENT_ID`}}",
    "client_secret": "{{env `ARM_CLIENT_SECRET`}}",
    "subscription_id": "{{env `ARM_SUBSCRIPTION_ID`}}",
    "tenant_id": "{{env `ARM_TENANT_ID`}}",
    "managed_image_name": "{{env `MANAGED_IMAGE_NAME`}}",
    "resource_group_name": "{{env `RESOURCE_GROUP_NAME`}}"
  },
  "builders": [
```

```json
{
  "variables": {
    "client_id": "{{env `ARM_CLIENT_ID`}}",
    "client_secret": "{{env `ARM_CLIENT_SECRET`}}",
    "subscription_id": "{{env `ARM_SUBSCRIPTION_ID`}}",
    "tenant_id": "{{env `ARM_TENANT_ID`}}",
    "gallery_resource_group": "{{env `GALLERY_RESOURCE_GROUP`}}",
    "managed_image_resource_group": "{{env `MANAGED_IMAGE_RESOURCE_GROUP`}}",
    "managed_image_name": "{{env `MANAGED_IMAGE_NAME`}}",
    "gallery_name": "{{env `GALLERY_NAME`}}",
```

```powershell
<#
.SYNOPSIS
    Invite guest users to Azure Active Directory for demo application.
.DESCRIPTION
    Users to be provided in CSV file with the headings 'username,email'.
    Users will be checked to see if they have been invited to Azure AD as a guest user previously. If there is already an invite, then no action will be taken; if a user doesn't exist in Azure AD, then an invite will be sent.
    Output will be logged to the job output in Azure.
.NOTES
    https://docs.microsoft.com/en-us/azure/active-directory/b2b/b2b-quickstart-invite-powershell
#>
```