davidobrien1985

param (
    [bool]$DeleteRoleAssignments = $false
)

if (-not (Get-Module -ListAvailable -Name Az)) {
    Write-Output "Installing Az module..."
    Install-Module -Name Az -Scope CurrentUser -Repository PSGallery -Force
}

Connect-AzAccount

davidobrien1985

function addProperty(continuationToken) {
    var response = getContext().getResponse();
    var collection = getContext().getCollection();
    var updated = 0;

    if (continuationToken) {   //  Parse the token
        var token = JSON.parse(continuationToken);

        if (!token.queryContinuationToken) {
            throw new Error('Bad token format:  no continuation');

davidobrien1985

<# 
.SYNOPSIS
    Create an Azure Active Directory App Registration / Service Principal to be used for ARGOS Cloud Security https://argos-security.io

.DESCRIPTION 
    This script creates an Azure Active Directory App Registration and an Application Secret that can be used to connect ARGOS Cloud Security to Microsoft Azure in order to scan Azure Subscriptions. The secret has a validity of 12 months.
 
.NOTES 
    Best executed in Azure Cloud Shell (https://shell.azure.com) as Cloud Shell is already authenticated to your tenant. User executing this script requires permissions to create an AAD App Registration and permissions to assign IAM Roles to Azure Subscriptions.

davidobrien1985

public class InventoryBulkStorage : IInventoryBulkStorage
    {
        private readonly CosmosContainer _containerId = CosmosContainer.Inventory;
        private readonly bool _isBulk = true;
        
        public async Task UpsertBulkAsync(IEnumerable<InventoryResource> resources)
        {
            var containers = CosmosProvider.Containers
                .Where(c => c.ContainerId == _containerId && c.IsBulk == _isBulk)
                .ToDictionary(k => k.Region, v => v.Container);

davidobrien1985

# Use https://dev.argos-security.io/ for more information about browsing the API
# Go to https://app.argos-security.io/account/security to generate or get your personal API key

$headers = @{"Ocp-Apim-Subscription-Key"="____________________replace_________________"}

$result = Invoke-WebRequest -Headers $headers -Uri https://oapi.argos-security.io/argos-prod-fn/detections | ConvertFrom-Json

$detections = $result.data.detections
$openDetections = $detections | Where-Object -FilterScript {$_.status -eq "open"}
$azureDetections = $detections | Where-Object -FilterScript {$_.cloud -eq "azure"}

davidobrien1985

{
	"Version": "2012-10-17",
	"Statement": [
		{
			"Effect": "Allow",
			"Action": [
				"ec2:DescribeInstances",
				"ec2:DescribeInternetGateways",
				"ec2:DescribeNetworkAcls",
				"ec2:DescribeNetworkInterfaces",

davidobrien1985

$headers = New-Object "System.Collections.Generic.Dictionary[[String],[String]]"
$headers.Add("Content-Type", "application/json")

$body = @'
{
  "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#",
  "contentVersion": "1.0.0.0",
  "parameters": {
      "projectName": {
          "type": "string",

davidobrien1985

trigger:
  branches:
    include:
    - master
  paths:
    exclude:
      - infra/*
    include:
      - xirus/*

davidobrien1985

{
  "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#",
  "contentVersion": "1.0.0.0",
  "parameters": {
      "frontDoorName": {
          "defaultValue": "davidobrien",
          "type": "string"
      },
      "storageAccountName": {
          "defaultValue": "davidobrienmaintenance",

davidobrien1985

package main

import (
	"encoding/json"
	"flag"
	"fmt"
	"io/ioutil"
	"net/http"
)