/azure-security-as-code

Scripts to define your azure security governance as code and avoid manual settings of permissions and avoiding configuration drift

Primary LanguagePowerShellMIT LicenseMIT

Azure Security as Code Azure Security as Code is a set of scripts to define your azure security governance as code and avoid manual settings of permissions and avoiding configuration drift.

This library is created in a modular fashion where each module will deliver the functionality for security governance of a specific Azure resource type

Current Azure resource types supported

  • Resource Groups
  • Security Groups
  • Azure SQL
  • Keyvault

Future Azure resource types on backlog

  • Azure Datalake
  • Others

If you have preferences on other resource types let us known in the issues.

Usage

Usage in general

Prerequisites

  • install yaml module needed to generate yaml outputs
Install-Module Azure-SecurityAsCode
  • Login with Azure CLI and select your subscription
az login
  • Check available cmdlets
Get-Command -Module Azure-SecurityAsCode

Usage Resource Group Download

  • Run 1 resource group or all
Get-Asac-AllResourceGroups

#or

Process-Asac-ResourceGroup -resourcegroup "resourcegroupName"

For more information, please see the Wiki