-
-
Save bgelens/58c7854b9a111a46363deccf13ea7937 to your computer and use it in GitHub Desktop.
$tenantId = '' | |
$context = [Microsoft.Azure.Commands.Common.Authentication.Abstractions.AzureRmProfileProvider]::Instance.Profile.DefaultContext | |
$token = [Microsoft.Azure.Commands.Common.Authentication.AzureSession]::Instance.AuthenticationFactory.Authenticate( | |
$context.Account, | |
$context.Environment, | |
$context.Tenant.Id.ToString(), | |
$null, | |
[Microsoft.Azure.Commands.Common.Authentication.ShowDialog]::Never, | |
$null, | |
'https://management.azure.com/' | |
) | |
$subscriptions = Get-AzSubscription -TenantId $tenantId | |
$body = @{ | |
subscriptionId = @( | |
$subscriptions.SubscriptionId | |
) | |
subscriptionName = @( | |
$subscriptions.Name | |
) | |
} | ConvertTo-Json | |
@( | |
'Azure CIS 1.1.0' | |
'PCI DSS 3.2.1' | |
'SOC TSP' | |
'ISO 27001' | |
) | ForEach-Object -Process { | |
$escapedReportName = [uri]::EscapeDataString($_) | |
irm "https://s2.security.ext.azure.com/api/regulatoryCompliance/reports/executiveSummary?standardName=$escapedReportName" -Headers @{ | |
Authorization = "Bearer $($token.AccessToken)" | |
} -Method Post -Body $body -OutFile "/Users/bengelens/Desktop/$_.pdf" | |
} |
@scarytoon I guess they changed their API (it's undocumented afaik). If I have some time this week I'll look into it
@scarytoon I guess they changed their API (it's undocumented afaik). If I have some time this week I'll look into it
Great. Thank you. These reports seem to be useful for "higher Management." Or the other options would be to explore getting the compliance/recommendations and outputting these into a HTML format.
HI, did you have any luck of getting it to work ?
TBH, I did not think about it until now :( Too busy with non azure things past couple of weeks. Maybe during the weekend (no promises)
@scarytoon I investigated a little bit and found that it's the tokens that are not working anymore. When copying a token used in the portal and passing it in as the bearer token for the PowerShell script, things work fine.
I diffed the tokens and found a couple of noticeable differences.
- The resource used in the portal is
https://management.core.windows.net/
- The application in the jwt token is of appidacr type 2 (certifcate auth) with app id c44b4083-3bb0-49c1-b47d-974e53cbdf3c (portal app)
They might have constrained access to this app id. There is no way to know :(
@scarytoon I just noticed @JustinGrote created a function that can fetch a token as the portal app. I did not check it out yet but it might be usable for this scenario as well.
Hi, Looks like a handy little script. Thanks for sharing. However, when i am running this i am getting the following error.
irm : {"error":{"code":"GeneralError","message":"Internal server error has occurred","details":null}}
At line:8 char:3
Any Ideas?