Skip to content

Commit

Permalink
update
Browse files Browse the repository at this point in the history
  • Loading branch information
singhgss committed Nov 17, 2023
1 parent 84dabbb commit 2f9f48f
Show file tree
Hide file tree
Showing 3 changed files with 17 additions and 8 deletions.
12 changes: 6 additions & 6 deletions .github/workflows/sign-scripts-development.yml
Original file line number Diff line number Diff line change
Expand Up @@ -189,8 +189,8 @@ jobs:
"AllowedLocationPolicyId": "e56962a6-4747-49cd-b67b-bf8b01975c4c",
"DepartmentNumber": "163",
"CBSSubscriptionName": "$CBSSUBSCRIPTION_NAME",
"SecurityLAWResourceId": "/subscriptions/$TESTSUBSCRIPTION_ID/resourceGroups/rg-core/providers/Microsoft.OperationalInsights/workspaces/mtb-law01",
"HealthLAWResourceId": "/subscriptions/$TESTSUBSCRIPTION_ID/resourceGroups/rg-core/providers/Microsoft.OperationalInsights/workspaces/mtb-law01",
"securityLAWResourceId": "/subscriptions/87b94215-20de-4561-8fdb-0836899cf924/resourcegroups/ss-cto-cspm-prod-coremanagement-rg/providers/microsoft.operationalinsights/workspaces/ssctocspmprodsecuritylaw",
"healthLAWResourceId": "/subscriptions/87b94215-20de-4561-8fdb-0836899cf924/resourcegroups/ss-cto-cspm-prod-coremanagement-rg/providers/microsoft.operationalinsights/workspaces/ssctocspmprodhealthlaw",
"Locale": "en-CA",
"lighthouseServiceProviderTenantID": "$LIGHTHOUSEPROVIDER_TENANTID",
"lighthousePrincipalDisplayName": "SSC CSPM TEAM",
Expand All @@ -200,7 +200,7 @@ jobs:
"SSCReadOnlyServicePrincipalNameAPPID": "00000000-0000-0000-0000-000000000000",
"uniqueNameSuffix": "$UNIQUENAME_SUFFIX",
"securityRetentionDays": "730",
"cloudUsageProfiles": "1,2"
"cloudUsageProfiles": "3"
}
"@
Set-Content -Path $configFilePath -Value $configContent
Expand Down Expand Up @@ -263,8 +263,8 @@ jobs:
"AllowedLocationPolicyId": "e56962a6-4747-49cd-b67b-bf8b01975c4c",
"DepartmentNumber": "163",
"CBSSubscriptionName": "$CBSSUBSCRIPTION_NAME",
"SecurityLAWResourceId": "/subscriptions/$TESTSUBSCRIPTION_ID/resourceGroups/rg-core/providers/Microsoft.OperationalInsights/workspaces/mtb-law01",
"HealthLAWResourceId": "/subscriptions/$TESTSUBSCRIPTION_ID/resourceGroups/rg-core/providers/Microsoft.OperationalInsights/workspaces/mtb-law01",
"securityLAWResourceId": "/subscriptions/87b94215-20de-4561-8fdb-0836899cf924/resourcegroups/ss-cto-cspm-prod-coremanagement-rg/providers/microsoft.operationalinsights/workspaces/ssctocspmprodsecuritylaw",
"healthLAWResourceId": "/subscriptions/87b94215-20de-4561-8fdb-0836899cf924/resourcegroups/ss-cto-cspm-prod-coremanagement-rg/providers/microsoft.operationalinsights/workspaces/ssctocspmprodhealthlaw",
"Locale": "en-CA",
"lighthouseServiceProviderTenantID": "$LIGHTHOUSEPROVIDER_TENANTID",
"lighthousePrincipalDisplayName": "SSC CSPM TEAM",
Expand All @@ -274,7 +274,7 @@ jobs:
"SSCReadOnlyServicePrincipalNameAPPID": "00000000-0000-0000-0000-000000000000",
"uniqueNameSuffix": "$UNIQUENAME_SUFFIX",
"securityRetentionDays": "730",
"cloudUsageProfiles": "1,2"
"cloudUsageProfiles": "3"
}
"@
Set-Content -Path $configFilePath -Value $configContent
Expand Down
11 changes: 10 additions & 1 deletion setup/backend.ps1
Original file line number Diff line number Diff line change
Expand Up @@ -5,7 +5,7 @@ function Get-GSAAutomationVariable {

Write-Verbose "Getting automation variable '$name'"
# when running in an Azure Automation Account
If ($ENV:AZUREPS_HOST_ENVIRONMENT -eq 'AzureAutomation/') {
If ($ENV:AZUREPS_HOST_ENVIRONMENT -eq 'AzureAutomation/' -or $PSPrivateMetadata.JobId) {
$value = Get-AutomationVariable -Name $name
return $value
}
Expand Down Expand Up @@ -44,6 +44,15 @@ try {
catch {
throw "Critical: Failed to connect to Azure with the 'Connect-AzAccount' command and '-identity' (MSI) parameter; verify that Azure Automation identity is configured. Error message: $_"
}

try {
$RuntimeConfig = Get-AzKeyVaultSecret -VaultName $KeyVaultName -Name 'gsaConfigExportLatest' -AsPlainText -ErrorAction Stop | ConvertFrom-Json | Select-Object -Expand runtime
Set-AzContext -SubscriptionId $RuntimeConfig.subscriptionId
}
catch {
throw "Failed to retrieve config json with secret name gsaConfigExportLatest from KeyVault '$KeyVaultName'. Error message: $_"
}

$SubID = (Get-AzContext).Subscription.Id
$tenantID = (Get-AzContext).Tenant.Id
try {
Expand Down
2 changes: 1 addition & 1 deletion setup/main.ps1
Original file line number Diff line number Diff line change
Expand Up @@ -10,7 +10,7 @@ function Get-GSAAutomationVariable {

Write-Debug "Getting automation variable '$name'"
# when running in an Azure Automation Account
If ($ENV:AZUREPS_HOST_ENVIRONMENT -eq 'AzureAutomation/') {
If ($ENV:AZUREPS_HOST_ENVIRONMENT -eq 'AzureAutomation/' -or $PSPrivateMetadata.JobId ) {
$value = Get-AutomationVariable -Name $name
return $value
}
Expand Down

0 comments on commit 2f9f48f

Please sign in to comment.