-
Notifications
You must be signed in to change notification settings - Fork 0
/
Az Policy evaluation Trigger v1.ps1
54 lines (42 loc) · 1.96 KB
/
Az Policy evaluation Trigger v1.ps1
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
<#
****Note:
It is recommended to run from Azure Cloud Shell.
If not running from Cloud Shell be sure to log into Azure with Connect-AzAccount.
#>
# Azure Login:
$account = Get-AzContext
if ($null -eq $account.Account) {
Write-Output(" Azure account context not found, please login")
Connect-AzAccount
}
<#
****Note:
If running from Azure Cloud Shell run everything after this comment.
#>
# Get your Azure Subscriptions and set in variable
$subscriptions = Get-AzSubscription
$subscriptionids = $subscriptions.Id
# Set Azure subscriptions
foreach($subscriptionids in $subscriptionids){
Set-AzContext -Subscription $subscriptionids
$azContext = Get-AzContext
$azProfile = [Microsoft.Azure.Commands.Common.Authentication.Abstractions.AzureRmProfileProvider]::Instance.Profile
$profileClient = New-Object -TypeName Microsoft.Azure.Commands.ResourceManager.Common.RMProfileClient -ArgumentList ($azProfile)
$token = $profileClient.AcquireAccessToken($azContext.Subscription.TenantId)
$authHeader = @{
'Content-Type'='application/json'
'Authorization'='Bearer ' + $token.AccessToken
}
# Define the REST API to communicate with
# Use double quotes for $restUri as some endpoints take strings passed in single quotes
# Use to target All Subscriptions you use:
$restUri = "https://management.azure.com/subscriptions/$subscriptionids/providers/Microsoft.PolicyInsights/policyStates/latest/summarize?api-version=2018-04-04"
# Use to target a resource group:
# Prompt for Resource Group Name
# $ResourceGroup = Read-host 'Input the name of the resource group to evaluate.'
# $restUri = "https://management.azure.com/subscriptions/$SubscriptionIds/resourceGroups/$ResourceGroup/providers/Microsoft.PolicyInsights/policyStates/latest/triggerEvaluation?api-version=2018-07-01-preview"
# Invoke the REST API
$response = Invoke-RestMethod -Uri $restUri -Method POST -Headers $authHeader
# View the response object (as JSON)
$response
}