Created
February 18, 2021 15:10
-
-
Save machv/1709b0d7c0fab6cd6d9674ad05edc4c3 to your computer and use it in GitHub Desktop.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| $policyName = "DDoS" | |
| $roleToNotify = "Owner" | |
| $policy = Get-AzPolicyDefinition | Where-Object { $_.Properties.displayname -eq $policyName } | |
| $nonCompliantNetworks = Get-AzPolicyState | Where-Object { $_.ComplianceState -eq "NonCompliant" -and $_.PolicyDefinitionName -eq $policy.Name } | Group-Object SubscriptionId | |
| foreach($group in $nonCompliantNetworks) { | |
| $subscriptionId = $group.Name | |
| $networks = $group.Group | |
| $users = @() | |
| $assignments = Get-AzRoleAssignment -Scope "/subscriptions/$($subscriptionId)" | Where-Object RoleDefinitionName -eq $roleToNotify | |
| foreach($assignment in $assignments) { | |
| $user = Get-AzADUser -ObjectId $assignment.ObjectId | |
| if($user.Mail) { | |
| $users += $user | |
| } | |
| } | |
| Write-Host -ForegroundColor Yellow "Subscription $($subscriptionId) contains $($networks.Count) non-compliant networks:" | |
| foreach($network in $networks) { | |
| $network = Get-AzResource -ResourceId $network.ResourceId | |
| " * $($network.Name) (Resoure Group: $($network.ResourceGroupName))" | |
| } | |
| Write-Host -ForegroundColor Yellow "`nUsers in role $($roleToNotify) to notify:" | |
| foreach($user in $users) { | |
| " * $($user.DisplayName) ($($user.Mail))" | |
| } | |
| "----------------------------------------------------------------------------------------------`n`n" | |
| } |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment