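# Clone each upstream policy repository into the current directory, or refresh
# the existing checkout when a directory of that name is already present.
# NOTE(review): both checkouts follow the remote's default branch with no pinned
# commit, so every later step works on whatever upstream holds at run time;
# pin a commit or tag if the generated CSVs need to be reproducible.
$GitUrls = @('https://github.com/Azure/azure-policy','https://github.com/Azure/Community-Policy')
foreach ($GitUrl in $GitUrls) {
    # The last URL segment is the directory name that `git clone` creates.
    $Path = $GitUrl.Split('/')[-1]
    if (-not (Test-Path -Path ".\$Path")) {
        git clone $GitUrl
    } else {
        # `git -C` runs the pull inside the checkout without touching the
        # session's working directory. The previous `cd` / `git pull` / `cd ..`
        # sequence left the session one level too high whenever the first `cd`
        # failed, which broke every relative path used afterwards.
        git -C ".\$Path" pull
    }
    # git reports failure only through its exit code; surface it so a stale or
    # missing checkout does not go unnoticed in the generated output.
    if ($LASTEXITCODE -ne 0) {
        Write-Warning "git exited with code $LASTEXITCODE for $GitUrl; the local copy may be missing or out of date."
    }
}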
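# Excluding Monitoring
$ResourceType = @('Azure Active Directory', 'Backup','Compute','General','Guest Configuration','Key Vault','Managed Identity','Network','Security Center','Site Recovery','Storage','Authorization','General','HybridUseBenefits','KeyVault','LoadBalancer')

# File filter shared by both repositories: skip the split-out *.rules.json and
# *.parameters.json fragments, files named as deprecated, and any path that
# contains "audit".
# NOTE(review): the "audit" test matches on path text only, not on the effect
# declared inside the definition, so it is a naming heuristic rather than a
# guarantee that audit-only policies are excluded.
$IsCandidateDefinition = {
    $_.FullName -notlike '*audit*' -and
    $_.FullName -notlike '*.rules.json' -and
    $_.FullName -notlike '*.parameters.json' -and
    $_.Name -notlike '*Deprecated*'
}

# One object per resource type, listing the full paths of the candidate
# definition files found in either checkout.
# 'General' appears twice in the list above; Select-Object -Unique keeps the
# category from being collected (and later exported) twice.
$BuiltinPolicies = $ResourceType | Select-Object -Unique | ForEach-Object {
    $TypeName = $_
    $Roots = @(
        ".\azure-policy\built-in-policies\policyDefinitions\$TypeName"
        ".\Community-Policy\Policies\$TypeName"
    )
    [PSCustomObject]@{
        ResourceType     = $TypeName
        # Always an array (possibly empty), so a category without files yields
        # zero items downstream instead of a single $null.
        PolicyDefinition = @(
            foreach ($Root in $Roots) {
                # Not every category exists in both repositories; skip missing
                # folders instead of raising an error for each of them.
                if (Test-Path -LiteralPath $Root -PathType Container) {
                    Get-ChildItem -LiteralPath $Root -File -Recurse -Filter '*.json' |
                        Where-Object $IsCandidateDefinition |
                        Select-Object -ExpandProperty FullName
                }
            }
        )
    }
}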
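# Builds the GitHub link for a definition file from its location relative to
# the directory that holds the two checkouts: the first relative segment is the
# repository name, the remaining segments are the path inside the repository.
function Get-PolicySourceUrl {
    param(
        [Parameter(Mandatory)][string]$BasePath,
        [Parameter(Mandatory)][string]$FullPath
    )
    # Split on either separator so the result does not depend on the platform.
    $Segments = [System.IO.Path]::GetRelativePath($BasePath, $FullPath) -split '[\\/]'
    'https://github.com/Azure/' + $Segments[0] + '/tree/master/' + (($Segments | Select-Object -Skip 1) -join '/')
}

# The checkouts live directly under the current location. Deriving the link
# from the relative path replaces fixed indexes into the absolute path, which
# only pointed at the repository name when the script ran from a directory
# exactly two levels below the drive root.
$BasePath = (Get-Location).ProviderPath

# For every resource type, read each definition file and emit one row with its
# display name, description and source link.
$Content = $BuiltinPolicies | ForEach-Object {
    $Defs = @($_.PolicyDefinition | ForEach-Object {
        $FullPath = $_
        # A resource type without files pipes a single $null through; skip it.
        if ([string]::IsNullOrEmpty($FullPath)) { return }
        Write-Verbose "Processing $FullPath" -Verbose
        try {
            $PolicyDef = Get-Content -LiteralPath $FullPath -Raw -ErrorAction Stop | ConvertFrom-Json -Depth 100 -ErrorAction Stop
        } catch {
            # Without this, a file that fails to read or parse would leave
            # $PolicyDef holding the previous file's content and a row with the
            # wrong name would be written for this path.
            Write-Warning "Skipping ${FullPath}: $($_.Exception.Message)"
            return
        }
        $UrlLink = Get-PolicySourceUrl -BasePath $BasePath -FullPath $FullPath
        if ($PolicyDef.Properties.DisplayName) {
            if ($PolicyDef.Properties.DisplayName -like '*Deprecated*') {
                Write-Verbose "This policy $($PolicyDef.Properties.DisplayName) is deprecated." -Verbose
            } else {
                [PSCustomObject]@{
                    DisplayName = $PolicyDef.Properties.DisplayName
                    Description = $PolicyDef.Properties.description
                    Path        = $UrlLink
                }
            }
        } else {
            Write-Verbose "$FullPath does not contain displayName." -Verbose
            # Fall back to the name of the folder that contains the file.
            $FolderName = Split-Path -Leaf (Split-Path -Parent $FullPath)
            [PSCustomObject]@{
                DisplayName = $FolderName
                Description = $FolderName
                Path        = $UrlLink
            }
        }
    })
    [PSCustomObject]@{
        ResourceType      = $_.ResourceType
        PolicyDefinitions = $Defs
    }
}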
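# Write one semicolon-delimited CSV per resource type into the current directory.
$Content | ForEach-Object {
    $Name = $_.ResourceType
    $Rows = @($_.PolicyDefinitions | Where-Object { $null -ne $_ })
    if ($Rows.Count -eq 0) {
        # Nothing was collected for this resource type; do not call Export-Csv
        # with empty input.
        Write-Verbose "No policy definitions for $Name; skipping CSV export." -Verbose
        return
    }
    $Rows | ForEach-Object {
        # The cell text originates from JSON in the cloned repositories, one of
        # which holds community contributions. Spreadsheet applications treat a
        # cell that starts with = + - @ (or a tab / carriage return) as a
        # formula, so such values are prefixed with a single quote to keep them
        # plain text when the CSV is opened.
        $Safe = [ordered]@{}
        foreach ($Property in $_.PSObject.Properties) {
            $Value = $Property.Value
            if ($Value -is [string] -and $Value -match '^[=+\-@\t\r]') {
                $Value = "'" + $Value
            }
            $Safe[$Property.Name] = $Value
        }
        [PSCustomObject]$Safe
    } | Export-Csv -LiteralPath ".\$Name.csv" -Delimiter ';' -Encoding utf8
}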