Scripts to define your Azure security governance as code, avoiding manual permission settings and configuration drift
Azure-SecurityAsCode
Docker
SampleStructure
img
.gitignore
Datalake-Module.ps1
DebugModule.ps1
LICENSE
README.md
commands.ps1
commands.sh
config.yml
security.yaml

Azure Security as Code

Azure Security as Code is a set of scripts to define your Azure security governance as code, avoiding manual permission settings and configuration drift.

This library is built in a modular fashion: each module delivers the security governance functionality for one specific Azure resource type.

Current Azure resource types supported

  • Resource Groups
  • Security Groups
  • Azure SQL
  • Keyvault

Future Azure resource types on backlog

  • Azure Datalake
  • Others

If you have preferences for other resource types, let us know in the issues.

Usage

Usage in general

Prerequisites

  • Install the YAML module needed to generate YAML output
Install-Module Azure-SecurityAsCode
  • Log in with the Azure CLI and select your subscription
az login
  • Check the available cmdlets
Get-Command -Module Azure-SecurityAsCode

Usage Resource Group Download

  • Run against all resource groups or a single one
Get-Asac-AllResourceGroups

#or

Process-Asac-ResourceGroup -resourcegroup "resourcegroupName"
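
Once the role assignments of a resource group are known, detecting drift comes down to a set comparison between the declared state and the live state. The sketch below is an added example, not code from this repository: the function name Compare-RoleAssignmentDrift, the layout of the declared state and all sample values are assumptions constructed for illustration, and only the principalName and roleDefinitionName fields follow the JSON that az role assignment list returns.

```powershell
# Added example (not part of Azure-SecurityAsCode): report role assignments that
# differ between a declared state and the live state of one resource group.
function Compare-RoleAssignmentDrift {
    param(
        [object[]] $Desired = @(),   # declared assignments (hypothetical layout)
        [object[]] $Actual  = @()    # live assignments, e.g. parsed az CLI JSON
    )
    # Reduce each assignment to a case-insensitive "principal|role" key.
    $toKey = { param($a) ('{0}|{1}' -f $a.principalName, $a.roleDefinitionName).ToLowerInvariant() }
    $want = [System.Collections.Generic.HashSet[string]]::new()
    $have = [System.Collections.Generic.HashSet[string]]::new()
    foreach ($d in $Desired) { [void]$want.Add((& $toKey $d)) }
    foreach ($a in $Actual)  { [void]$have.Add((& $toKey $a)) }

    # Present in Azure but never declared: a manual grant to review or remove.
    foreach ($k in $have) {
        if (-not $want.Contains($k)) { [pscustomobject]@{ Assignment = $k; Drift = 'Unexpected' } }
    }
    # Declared but absent in Azure: removed by hand or never applied.
    foreach ($k in $want) {
        if (-not $have.Contains($k)) { [pscustomobject]@{ Assignment = $k; Drift = 'Missing' } }
    }
}

# Constructed sample standing in for:
#   az role assignment list --resource-group <name> -o json
# Assignments inherited from the subscription are only listed when
# --include-inherited is passed, so decide which scope the declaration covers.
$actualJson = @'
[
  {"principalName": "alice@contoso.example", "roleDefinitionName": "Reader"},
  {"principalName": "bob@contoso.example",   "roleDefinitionName": "Owner"}
]
'@
$actual = $actualJson | ConvertFrom-Json

# Constructed declared state, as it might be loaded from a file under version control.
$desired = @(
    [pscustomobject]@{ principalName = 'alice@contoso.example'; roleDefinitionName = 'Reader' }
    [pscustomobject]@{ principalName = 'carol@contoso.example'; roleDefinitionName = 'Contributor' }
)

Compare-RoleAssignmentDrift -Desired $desired -Actual $actual | Format-Table -AutoSize
```

Matching on principalName keeps the sample readable; in a real tenant, comparing on principalId avoids mismatches when a display name or UPN changes.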

For more information, please see the Wiki.