Skip to content

v0.2.0 — Mock mode + onboarding

Choose a tag to compare

@ibondarenko1 ibondarenko1 released this 23 May 18:21

Mock mode lands. Tool can now be tried end-to-end without any Azure access.

What's new

  • ./examples/run-mock.ps1 produces a complete sample report (30 findings across 5 domains) in ~5 seconds. No az login, no tenant, no permissions required.
  • lib/MockClient.psm1 provides drop-in mocks for Graph, ARM, DNS, and Exchange Online calls. All audit scripts route through it when -MockMode is set.
  • examples/fixtures/ ships 16 sanitized JSON fixtures representing a typical small-org tenant with realistic posture gaps. All identifiers synthetic.
  • README quickstart leads with the mock path. Live-tenant path is section 2.

What's preserved

  • Live tenant audit (Phase 1 stabilization from v0.1.0) unchanged. Run with full ./run-audit.ps1 -TenantId ... -SubscriptionId ... -Domain ....
  • 114 Pester tests still passing.
  • Schema v1.0.0 unchanged; mock-mode output is structurally identical to live-mode output.

Adoption barrier dropped

Before v0.2: clone + Azure subscription + Graph permissions + Exchange Online module + 5-10 minutes of setup → see what the tool does.

After v0.2: clone + ./examples/run-mock.ps1 → see exactly what the tool does in 5 seconds.

Next: v0.3 (Per-domain depth — Identity + DNS)

Per ROADMAP.md: expanding Identity audit by +15 checks (PIM eligibility, app consent, service principal audit, named locations, etc.) and DNS by +8 checks (DNSSEC, CAA, DKIM key strength, etc.) plus per-finding documentation_url field.