GetDeployments.ps1
<#
.SYNOPSIS
Get deployments from a JSON file.
.DESCRIPTION
For Azure_Subscription_DP_Avoid_Plaintext_Secrets_Deployments

Reads the JSON file given by -Path, takes its detections (from the top-level
'Detections' property, or from 'Truncated Data'.Detections when that is empty)
and writes one object per detection to the pipeline.

Each emitted object carries the detected secret value in plaintext next to the
parsed deployment identifiers. Treat the output as sensitive: avoid transcripts,
log files and shared consoles when running this script.
#>
param(
# Json file path
[Parameter(Mandatory)]
[string] $Path
)
# Turn non-terminating errors into terminating ones so a failure stops the script.
$ErrorActionPreference = 'Stop'
# Make Write-Information messages visible on the console.
$InformationPreference = 'Continue'
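function GetDeploymentAndSecret {
    <#
    .SYNOPSIS
    Split a resource-group deployment ID into its parts and pair them with a secret.
    .DESCRIPTION
    Matches $Source against the resource-group deployment ID layout
    /subscriptions/<sub>/resourceGroups/<rg>/providers/Microsoft.Resources/deployments/<deployment>
    and returns the captured parts together with $Secret.
    The returned object holds the secret value in plaintext; callers should
    keep it out of logs and transcripts.
    .PARAMETER Source
    Deployment resource ID to parse.
    .PARAMETER Secret
    Secret value reported for that deployment; passed through unchanged.
    .OUTPUTS
    pscustomobject with the properties Sub, Rg, Deployment and Secret.
    #>
    param(
        [string] $Source,
        [string] $Secret
    )

    # Subscription and resource-group segments cannot contain '/', so they are
    # matched with [^/]+ instead of a greedy .+ that could swallow extra path
    # segments. The dot in the provider namespace is escaped so it only matches
    # a literal '.'. -notmatch is case-insensitive, like the original -match.
    $pattern = '^/subscriptions/(?<sub>[^/]+)/resourceGroups/(?<rg>[^/]+)/providers/Microsoft\.Resources/deployments/(?<deployment>.+)'
    if ($Source -notmatch $pattern) {
        # Only the resource ID goes into the error text, never the secret.
        throw "'$Source' doesn't match '$pattern'!"
    }

    # The property was previously misspelled 'Deploymkent'; it is now 'Deployment'.
    return [pscustomobject]@{
        Sub        = $Matches.sub
        Rg         = $Matches.rg
        Deployment = $Matches.deployment
        Secret     = $Secret
    }
}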
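# Use the full cmdlet name: the 'cat' alias is not defined in PowerShell on
# Linux/macOS, where 'cat -Raw' would invoke the native cat and fail.
$json = Get-Content -Raw -Path $Path | ConvertFrom-Json
# NOTE: $json is a custom PSObject, not a Hashtable. So $json['xxx'] is not available.
$detections = $json.Detections
if ($detections) {
    Write-Information 'Processing data...'
}
else {
    # No top-level detections; fall back to the list nested under 'Truncated Data'.
    Write-Information 'Processing truncated data...'
    $detections = $json.'Truncated Data'.Detections
}

# Piping $null would still run the script block once with an empty Source and
# fail with a misleading "doesn't match" error, so report the real cause here.
if (!$detections) {
    throw "No detections found in '$Path'."
}

# Each emitted object includes the detected secret in plaintext; keep the
# output out of transcripts and logs.
$detections | ForEach-Object { GetDeploymentAndSecret $_.Source $_.Secret }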