Skip to content

Commit

Permalink
Updated links/cmdlets
Browse files Browse the repository at this point in the history
  • Loading branch information
@Khushboo-msft
Khushboo-msft committed Mar 19, 2019
1 parent 4123692 commit 3b1fb07
Show file tree
Hide file tree
Showing 8 changed files with 53 additions and 49 deletions.
62 changes: 33 additions & 29 deletions 00b-Getting-Started/GettingStarted_PowerShellTipsAzSK.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -187,17 +187,17 @@ PS C:\> Get-Command -Module AzSK
CommandType Name Version Source
----------- ---- ------- ------
Function Get-AzSKAccessToken 3.0.0 AzSK
Function Get-AzSKAzureServicesSecurityStatus 3.0.0 AzSK
Function Get-AzSKContinuousAssurance 3.0.0 AzSK
Function Get-AzSKControlsStatus 3.0.0 AzSK
Function Get-AzSKExpressRouteNetworkSecurityStatus 3.0.0 AzSK
Function Get-AzSKSubscriptionSecurityStatus 3.0.0 AzSK
Function Get-AzSKSupportedResourceTypes 3.0.0 AzSK
Function Install-AzSKContinuousAssurance 3.0.0 AzSK
Function Install-AzSKOMSSolution 3.0.0 AzSK
Function Remove-AzSKAlerts 3.0.0 AzSK
Function Remove-AzSKARMPolicies 3.0.0 AzSK
Function Get-AzSKAccessToken 3.11.0 AzSK
Function Get-AzSKAzureServicesSecurityStatus 3.11.0 AzSK
Function Get-AzSKContinuousAssurance 3.11.0 AzSK
Function Get-AzSKControlsStatus 3.11.0 AzSK
Function Get-AzSKExpressRouteNetworkSecurityStatus 3.11.0 AzSK
Function Get-AzSKSubscriptionSecurityStatus 3.11.0 AzSK
Function Get-AzSKSupportedResourceTypes 3.11.0 AzSK
Function Install-AzSKContinuousAssurance 3.11.0 AzSK
Function Install-AzSKMonitoringSolution 3.11.0 AzSK
Function Remove-AzSKAlerts 3.11.0 AzSK
Function Remove-AzSKARMPolicies 3.11.0 AzSK
...
(truncated)
```
Expand All @@ -207,28 +207,32 @@ PS C:\> Get-Command -Name Get* -Module AzSK
CommandType Name Version Source
----------- ---- ------- ------
Function Get-AzSKAccessToken 3.0.0 AzSK
Function Get-AzSKAzureServicesSecurityStatus 3.0.0 AzSK
Function Get-AzSKContinuousAssurance 3.0.0 AzSK
Function Get-AzSKControlsStatus 3.0.0 AzSK
Function Get-AzSKExpressRouteNetworkSecurityStatus 3.0.0 AzSK
Function Get-AzSKSubscriptionSecurityStatus 3.0.0 AzSK
Function Get-AzSKSupportedResourceTypes 3.0.0 AzSK
Function Get-AzSKAccessToken 3.11.0 AzSK
Function Get-AzSKARMTemplateSecurityStatus 3.11.0 AzSK
Function Get-AzSKAzureServicesSecurityStatus 3.11.0 AzSK
Function Get-AzSKContinuousAssurance 3.11.0 AzSK
Function Get-AzSKControlsStatus 3.11.0 AzSK
Function Get-AzSKExpressRouteNetworkSecurityStatus 3.11.0 AzSK
Function Get-AzSKInfo 3.11.0 AzSK
Function Get-AzSKOrganizationPolicyStatus 3.11.0 AzSK
Function Get-AzSKSecurityRecommendationReport 3.11.0 AzSK
Function Get-AzSKSubscriptionSecurityStatus 3.11.0 AzSK
Function Get-AzSKSupportedResourceTypes 3.11.0 AzSK
```

###### Get all AzSK commands have 'Subscription' anywhere in the name
```PowerShell
PS C:\> Get-Command -Name *Subscription* -Module AzSK
CommandType Name Version Source
----------- ---- ------- ------
Function Get-AzSKSubscriptionSecurityStatus 3.0.0 AzSK
Function Remove-AzSKSubscriptionRBAC 3.0.0 AzSK
Function Remove-AzSKSubscriptionSecurity 3.0.0 AzSK
Function Repair-AzSKSubscriptionSecurity 3.0.0 AzSK
Function Set-AzSKSubscriptionRBAC 3.0.0 AzSK
Function Set-AzSKSubscriptionSecurity 3.0.0 AzSK
Function Update-AzSKSubscriptionSecurity 3.0.0 AzSK
CommandType Name Version Source
----------- ---- ------- ------
Function Get-AzSKSubscriptionSecurityStatus 3.11.0 AzSK
Function Remove-AzSKSubscriptionRBAC 3.11.0 AzSK
Function Remove-AzSKSubscriptionSecurity 3.11.0 AzSK
Function Repair-AzSKSubscriptionSecurity 3.11.0 AzSK
Function Set-AzSKSubscriptionRBAC 3.11.0 AzSK
Function Set-AzSKSubscriptionSecurity 3.11.0 AzSK
Function Update-AzSKSubscriptionSecurity 3.11.0 AzSK
```

###### Get all commands from *any* available module (not just AzSK) that start with 'Backup'
Expand Down Expand Up @@ -345,11 +349,11 @@ Manifest 2.0.0.0 PSWorkflow {New-PSWorkflowExecuti

You can also check for a specific module using "Get-Module 'module-name'"
```PowerShell
PS C:\> get-module azsk
PS C:\> Get-Module AzSK
ModuleType Version Name ExportedCommands
---------- ------- ---- ----------------
Script 3.0.0 AzSK {Get-AzSKAccessToken, Get-AzSKAzur...
Script 3.11.0 AzSK {Get-AzSKAccessToken, Get-AzSKAzur...
```
Version conflicts happen if, due to some action, multiple versions of the same module get loaded within a single session.
For example, you may notice that a new version of AzSK is available (based on a warning from a scan command)
Expand Down
4 changes: 2 additions & 2 deletions 00b-Getting-Started/Readme.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -45,7 +45,7 @@ in the table below:
|Get-AzSKSupportedResourceTypes (GSRT)|Lists the currently supported Azure service types in AzSK. Basically, all resources in this list have SVTs available and these SVTs will be invoked whenever Get-AzSKAzureServicesSecurityStatus is run.|NA.|
|Get-AzSKInfo (GAI)|This command would help users to get details of various components of AzSK. |Reader on subscription, Contributor on AzSKRG|
|Install-AzSKContinuousAssurance (ICA)|Sets up continuous assurance for a subscription. This creates various artifacts such as resource group, storage account and automation account| Owner on subscription.|
|Install-AzSKOMSSolution (IOM)|Creates and deploys a Log Analytics view in a subscription that has a Log Analytics workspace. The Log Analytics view provides visibility to application state across dev ops stages. It also creates alerts, common search queries, etc. |Reader on subscription.|
|Install-AzSKMonitoringSolution (IMS)|Creates and deploys a Log Analytics view in a subscription that has a Log Analytics workspace. The Log Analytics view provides visibility to application state across dev ops stages. It also creates alerts, common search queries, etc. |Reader on subscription.|
|Remove-AzSKAlerts (RAL)|Removes the alerts configured by AzSK.|Owner on subscription.|
|Remove-AzSKARMPolicies (RAP)|Removes the ARM policy configured by AzSK.|Owner on subscription.|
|Remove-AzSKContinuousAssurance (RCA)|Removes the AzSK CA setup (including, optionally, the container being used for storing reports).|Reader on subscription.|
Expand All @@ -57,7 +57,7 @@ in the table below:
|Set-AzSKARMPolicies (SAP)|Sets up a core set of ARM policies in a subscription.<br>This is internally called by Set-AzSKSubscriptionSecurity.|Owner on subscription.|
|Set-AzSKAzureSecurityCenterPolicies (SSC)|Sets up ASC policies and security points of contact. <br>This is internally called by Set-AzSKSubscriptionSecurity.|Reader on subscription.|
|Set-AzSKEventHubSettings (SEHS)|Configures AzSK to send scan results to the provided EventHub. Currently available only in 'ad hoc' or 'SDL' mode.|NA|
|Set-AzSKOMSSettings (SOS)|Configures AzSK to send scan results to the provided Log Analytics workspace. Events can be sent to Log Analytics from 'ad hoc'/SDL mode (via this configuration) or from CICD by specifying Log Analytics settings in a variable or from CA by specifying Log Analytics settings in the CA installation command.|Reader on subscription.|
|Set-AzSKMonitoringSettings (SMS)|Configures AzSK to send scan results to the provided Log Analytics workspace. Events can be sent to Log Analytics from 'ad hoc'/SDL mode (via this configuration) or from CICD by specifying Log Analytics settings in a variable or from CA by specifying Log Analytics settings in the CA installation command.|Reader on subscription.|
|Set-AzSKPolicySettings (SPS)|Configures the server URL that is used by AzSK to download controls and config JSON. If this is not called, AzSK runs in an 'org-neutral' mode using a generic policy. Once this command is called, AzSK gets provisioned with the URL of a server/CDN where it can download control/config JSON from.|Reader on subscription.|
|Set-AzSKSubscriptionRBAC (SRB)|Sets up RBAC for a subscription. Configures "mandatory" accounts by default and function/scenario specific accounts if additional "tags" are provided.|Owner on subscription.|
|Set-AzSKSubscriptionSecurity (SSS)|Master command that takes combined inputs and invokes the individual setup commands for RBAC, ARM policy, Alerts and ASC.|Owner on subscription.|
Expand Down
4 changes: 2 additions & 2 deletions 01-Subscription-Security/Readme.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -225,7 +225,7 @@ Set-AzSKSubscriptionSecurity -SubscriptionId <subscriptionId> -SecurityContactEm
```
|Config Param Name |Purpose |
| --------------- | -------- |
|SecurityContactEmails |Comma-separated list of emails (e.g., 'abc@microsoft.com, def.microsoft.com') for contact preference|
|SecurityContactEmails |Comma-separated list of emails (e.g., 'abc@microsoft.com, def@microsoft.com') for contact preference|
|SecurityPhoneNumber |Single phone number (e.g., '425-882-8080' or '+91-98765-43210' or '+1-425-882-8080') for contact preference|

> **Note**:
Expand Down Expand Up @@ -434,7 +434,7 @@ Set-AzSKAzureSecurityCenterPolicies -SubscriptionId <SubscriptionId> `
|Config Param Name |Purpose |
| --------------- | -------- |
|SubscriptionId |Subscription ID against which ASC would be setup |
|SecurityContactEmails |Comma-separated list of emails (e.g., 'abc@microsoft.com, def.microsoft.com') for contact preference|
|SecurityContactEmails |Comma-separated list of emails (e.g., 'abc@microsoft.com, def@microsoft.com') for contact preference|
|SecurityPhoneNumber |Single phone number (e.g., '425-882-8080' or '+91-98765-43210' or '+1-425-882-8080') for contact preference|

This command will *overwrite* the contact emails and contact phone previously set in Azure Security Center.
Expand Down
8 changes: 4 additions & 4 deletions 07-Customizing-AzSK-for-your-Org/Scripts/OrgPolicyFixScript.ps1.txt
View file
Original file line number Diff line number Diff line change
Expand Up @@ -35,11 +35,11 @@ function Login

if($this.SubscriptionContext.SubscriptionId -ne $BlankSubId)
{
$rmLogin = Add-AzureRmAccount -SubscriptionId $SubscriptionId
$rmLogin = Connect-AzAccount -SubscriptionId $SubscriptionId
}
else
{
$rmLogin = Add-AzureRmAccount
$rmLogin = Connect-AzAccount
}

if($rmLogin)
Expand Down Expand Up @@ -275,7 +275,7 @@ if(-not $RestoreFromBackup)
}

#b. Validate presense of policy resources storage, app insight and monitoring dashboard
$policyResources= Find-AzureRmResource -ResourceGroupName $policyResourceGroupName
$policyResources= Get-AzResource -ResourceGroupName $policyResourceGroupName
#Check if poliy store is present
$policyStore = $policyResources | Where-Object {$_.ResourceType -eq "Microsoft.Storage/storageAccounts" }
if(($policyStore | Measure-Object).Count -eq 0)
Expand Down Expand Up @@ -633,7 +633,7 @@ else
else
{
WriteMessage "Uploading configurations from backup folder to policy store..." $([MessageType]::Info)
$policyResources= Find-AzureRmResource -ResourceGroupName $policyResourceGroupName
$policyResources= Get-AzResource -ResourceGroupName $policyResourceGroupName
#Check if poliy store is present
$policyStore = $policyResources | Where-Object {$_.ResourceType -eq "Microsoft.Storage/storageAccounts" }
if(($policyStore | Measure-Object).Count -eq 0)
Expand Down
8 changes: 4 additions & 4 deletions 07-Customizing-AzSK-for-your-Org/Scripts/OrgPolicyFixScript.txt
View file
Original file line number Diff line number Diff line change
Expand Up @@ -35,11 +35,11 @@ function Login

if($this.SubscriptionContext.SubscriptionId -ne $BlankSubId)
{
$rmLogin = Add-AzureRmAccount -SubscriptionId $SubscriptionId
$rmLogin = Connect-AzAccount -SubscriptionId $SubscriptionId
}
else
{
$rmLogin = Add-AzureRmAccount
$rmLogin = Connect-AzAccount
}

if($rmLogin)
Expand Down Expand Up @@ -275,7 +275,7 @@ if(-not $RestoreFromBackup)
}

#b. Validate presense of policy resources storage, app insight and monitoring dashboard
$policyResources= Find-AzureRmResource -ResourceGroupName $policyResourceGroupName
$policyResources= Get-AzResource -ResourceGroupName $policyResourceGroupName
#Check if poliy store is present
$policyStore = $policyResources | Where-Object {$_.ResourceType -eq "Microsoft.Storage/storageAccounts" }
if(($policyStore | Measure-Object).Count -eq 0)
Expand Down Expand Up @@ -635,7 +635,7 @@ else
else
{
WriteMessage "Uploading configurations from backup folder to policy store..." $([MessageType]::Info)
$policyResources= Find-AzureRmResource -ResourceGroupName $policyResourceGroupName
$policyResources= Get-AzResource -ResourceGroupName $policyResourceGroupName
#Check if poliy store is present
$policyStore = $policyResources | Where-Object {$_.ResourceType -eq "Microsoft.Storage/storageAccounts" }
if(($policyStore | Measure-Object).Count -eq 0)
Expand Down
6 changes: 3 additions & 3 deletions 07-Customizing-AzSK-for-your-Org/Scripts/OrgPolicyHealthCheck.ps1.txt
View file
Original file line number Diff line number Diff line change
Expand Up @@ -44,11 +44,11 @@ $PolicyResourceGroupName

if($this.SubscriptionContext.SubscriptionId -ne $BlankSubId)
{
$rmLogin = Add-AzureRmAccount -SubscriptionId $SubscriptionId
$rmLogin = Connect-AzAccount -SubscriptionId $SubscriptionId
}
else
{
$rmLogin = Add-AzureRmAccount
$rmLogin = Connect-AzAccount
}

if($rmLogin)
Expand Down Expand Up @@ -159,7 +159,7 @@ $PolicyScanOutput.Resources.ResourceGroup = $true
}

#b. Validate presense of policy resources storage, app insight and monitoring dashboard
$policyResources= Find-AzureRmResource -ResourceGroupName $policyResourceGroupName
$policyResources= Get-AzResource -ResourceGroupName $policyResourceGroupName
#Check if poliy store is present
$policyStore = $policyResources | Where-Object {$_.ResourceType -eq "Microsoft.Storage/storageAccounts" }
if(($policyStore | Measure-Object).Count -eq 0)
Expand Down
6 changes: 3 additions & 3 deletions 07-Customizing-AzSK-for-your-Org/Scripts/OrgPolicyHealthCheck.txt
View file
Original file line number Diff line number Diff line change
Expand Up @@ -44,11 +44,11 @@ $PolicyResourceGroupName

if($this.SubscriptionContext.SubscriptionId -ne $BlankSubId)
{
$rmLogin = Add-AzureRmAccount -SubscriptionId $SubscriptionId
$rmLogin = Connect-AzAccount -SubscriptionId $SubscriptionId
}
else
{
$rmLogin = Add-AzureRmAccount
$rmLogin = Connect-AzAccount
}

if($rmLogin)
Expand Down Expand Up @@ -159,7 +159,7 @@ $PolicyScanOutput.Resources.ResourceGroup = $true
}

#b. Validate presense of policy resources storage, app insight and monitoring dashboard
$policyResources= Find-AzureRmResource -ResourceGroupName $policyResourceGroupName
$policyResources= Get-AzResource -ResourceGroupName $policyResourceGroupName
#Check if poliy store is present
$policyStore = $policyResources | Where-Object {$_.ResourceType -eq "Microsoft.Storage/storageAccounts" }
if(($policyStore | Measure-Object).Count -eq 0)
Expand Down
4 changes: 2 additions & 2 deletions FAQs/Readme.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -7,10 +7,10 @@
- [Should I run PowerShell ISE as administrator or regular user?](../00a-Setup/Readme.md#should-i-run-powershell-ise-as-administrator-or-regular-user)
- [Error message: "Running scripts is disabled on this system..."](../00a-Setup/Readme.md#error-message-running-scripts-is-disabled-on-this-system)
- [Error message: "PackageManagement\Install-Package: cannot process argument transformation on parameter 'InstalledModuleInfo'..."](../00a-Setup/Readme.md#error-message-packagemanagementinstall-package-cannot-process-argument-transformation-on-parameter-installedmoduleinfo)
- [Error message: "WARNING: The version '3.x.y' of module 'Az.Accounts' is currently in use. Retry the operation after closing..."](../00a-Setup/Readme.md#error-message-warning-the-version-3xy-of-module-azurermprofile-is-currently-in-use-retry-the-operation-after-closing)
- [Error message: "WARNING: The version '3.x.y' of module 'Az.Accounts' is currently in use. Retry the operation after closing..."](../00a-Setup/Readme.md#error-message-warning-the-version-1xy-of-module-azaccounts-is-currently-in-use-retry-the-operation-after-closing)
- [Error message: "The property 'Id' cannot be found on this object. Verify that the property exists..."](../00a-Setup/Readme.md#error-message-the-property-id-cannot-be-found-on-this-object-verify-that-the-property-exists)
- [Message: "Warning : Microsoft Azure PowerShell collects data about how users use PowerShell cmdlets..."](../00a-Setup/Readme.md#message-warning--microsoft-azure-powershell-collects-data-about-how-users-use-powershell-cmdlets)
- [When will AzSK support the newest Az dependencies? Can I run both side by side? In the meantime, what if I need to run both AzSK and the new version of Az modules (for different tasks)?](../00a-Setup/Readme.md#when-will-azsk-support-the-newest-azurerm-dependencies-can-i-run-both-side-by-side-in-the-meantime-what-if-i-need-to-run-both-azsk-and-the-new-version-of-azurerm-modules-for-different-tasks)
- [When will AzSK support the newest Az dependencies? Can I run both side by side? In the meantime, what if I need to run both AzSK and the new version of Az modules (for different tasks)?](../00a-Setup/Readme.md#when-will-azsk-support-the-newest-az-dependencies-can-i-run-both-side-by-side-in-the-meantime-what-if-i-need-to-run-both-azsk-and-the-new-version-of-az-modules-for-different-tasks)
- [How often should I upgrade my installation of AzSK? How long will it take?](../00a-Setup/Readme.md#how-often-should-i-upgrade-my-installation-of-azsk-how-long-will-it-take)

- ### Subscription-Security
Expand Down

0 comments on commit 3b1fb07

Please sign in to comment.