diff --git a/.github/workflows/deploy_dev_env.yml b/.github/workflows/deploy_dev_env.yml index 8316f9ca..b4d07e01 100644 --- a/.github/workflows/deploy_dev_env.yml +++ b/.github/workflows/deploy_dev_env.yml @@ -1,7 +1,6 @@ name: Deploy to Dev environment upon Release on: - workflow_dispatch: workflow_run: workflows: [Azure CAC Release] types: @@ -141,7 +140,7 @@ jobs: $configContent = @" { "keyVaultName": "kvcac", - "resourcegroup": "rgcac", + "resourcegroup": "guardrailscac", "region": "CanadaCentral", "storageaccountName": "stcac", "logAnalyticsworkspaceName": "logcac", @@ -237,7 +236,7 @@ jobs: $configContent = @" { "keyVaultName": "kvcac", - "resourcegroup": "rgcac", + "resourcegroup": "guardrailscac", "region": "CanadaCentral", "storageaccountName": "stcac", "logAnalyticsworkspaceName": "logcac", @@ -385,4 +384,4 @@ jobs: } azPSVersion: "latest" env: - UNIQUENAME_SUFFIX_DEV: ${{ vars.UNIQUENAME_SUFFIX_DEV }} + UNIQUENAME_SUFFIX_DEV: ${{ vars.UNIQUENAME_SUFFIX_DEV }} \ No newline at end of file diff --git a/tools/CentralView/Modules/ingest-tenantsData/ingest-tenantsData.psm1 b/tools/CentralView/Modules/ingest-tenantsData/ingest-tenantsData.psm1 index 8743e96a..eaafcb63 100644 --- a/tools/CentralView/Modules/ingest-tenantsData/ingest-tenantsData.psm1 +++ b/tools/CentralView/Modules/ingest-tenantsData/ingest-tenantsData.psm1 
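Review bot: With `workflow_dispatch:` removed from `on:` in .github/workflows/deploy_dev_env.yml, the `workflow_run` trigger on `Azure CAC Release` is the only way this deployment starts. The `types:` list is cut off by the hunk, but for the `completed` type the event fires whatever the conclusion of the upstream run. The jobs are outside this hunk, so the check may already exist, but each deploy job should carry `if: ${{ github.event.workflow_run.conclusion == 'success' }}` so a failed or cancelled release never reaches the dev environment. Dropping the manual trigger also removes the way to redeploy dev without a new release; if that is intended, a one-line comment above `on:` saying so would help.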
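Review bot: The resource group name is a literal inside two copies of the same `$configContent` JSON (the hunk at -141 and the one at -237), so this rename had to be made twice and the two jobs can drift apart on the next change. The file already reads `vars.UNIQUENAME_SUFFIX_DEV` from repository variables. Defining the resource group once, for example as a workflow-level `env:` entry or a repository variable referenced from both here-strings, would keep the deployment target in one place. The enclosing steps start and end outside both hunks.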
@@ -38,15 +38,23 @@ function get-tenantdata { $generalQuery=@" GuardrailsCompliance_CL | where ControlName_s has "{0}" and ReportTime_s == "{1}" | where TimeGenerated > ago (24h) - | project Mandatory=Required_s,ControlName_s, ItemName=ItemName_s, Status=iif(tostring(ComplianceStatus_b)=="True", 'Compliant', 'Non-Compliant'),["ITSG Control"]=itsgcode_s - | summarize Count=count() by Mandatory,ControlName_s,ItemName, Status, ["ITSG Control"] + | project Mandatory=Required_s,ControlName_s, ItemName=ItemName_s, Profile=column_ifexists('Profile_d',''), Status=case( + ComplianceStatus_s == "Not Applicable", "Not Applicable", + tostring(ComplianceStatus_b)=="True", "Compliant", + "Non-Compliant" + ),["ITSG Control"]=itsgcode_s + | summarize Count=count() by Mandatory,ControlName_s,ItemName, Profile,Status, ["ITSG Control"] "@ $gr567Query=@" GuardrailsCompliance_CL | where ControlName_s has "{0}" and ReportTime_s == "{1}" | where TimeGenerated > ago (24h) -| project Mandatory=Required_s,ControlName_s, Type=Type_s, Name=DisplayName_s, ItemName=ItemName_s, Status=iif(tostring(ComplianceStatus_b)=="True", 'Compliant', 'Non-Compliant'),["ITSG Control"]=itsgcode_s -| summarize Count=count() by Mandatory, ControlName_s,ItemName,Status,["ITSG Control"] +| project Mandatory=Required_s,ControlName_s, Type=Type_s, Name=DisplayName_s, ItemName=ItemName_s, Profile=column_ifexists('Profile_d',''), Status=case( + ComplianceStatus_s == "Not Applicable", "Not Applicable", + tostring(ComplianceStatus_b)=="True", "Compliant", + "Non-Compliant" + ),["ITSG Control"]=itsgcode_s +| summarize Count=count() by Mandatory, ControlName_s,ItemName, Profile, Status,["ITSG Control"] "@ $gr8query=@" let itsgcodes=GRITSGControls_CL | summarize arg_max(TimeGenerated, *) by itsgcode_s; 
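Review bot: `ComplianceStatus_s` is referenced directly in the new `case(...)`, while `Profile_d` in the same `project` is wrapped in `column_ifexists`. Log Analytics custom-log columns exist only once a record carrying them has been ingested, so in a tenant workspace that has never reported a "Not Applicable" result the column is presumably absent. The query would then fail to resolve and that tenant would drop out of the central compliance view. Guard it the same way, `column_ifexists('ComplianceStatus_s','') == "Not Applicable", "Not Applicable",`, in both queries here and in the `$gr8query` and `$gr9query` hunks at -55 and -65. get-tenantdata starts and ends outside this hunk.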
@@ -55,8 +63,12 @@ GuardrailsCompliance_CL
 | where ControlName_s has ctrlprefix and ReportTime_s == "{0}"
 | where TimeGenerated > ago (6h)
 |join kind=inner (itsgcodes) on itsgcode_s
- | project Mandatory=Required_s,ControlName_s, SubnetName=SubnetName_s, ItemName=ItemName_s, Status=iif(tostring(ComplianceStatus_b)=="True", 'Compliant', 'Non-Compliant'), ["ITSG Control"]=itsgcode_s, Definition=Definition_s,Mitigation=gr_geturl(replace_string(ctrlprefix," ",""),itsgcode_s)
- | summarize Count=count(SubnetName) by Mandatory, ControlName_s, Status,ItemName, ['ITSG Control']
+ | project Mandatory=Required_s,ControlName_s, SubnetName=SubnetName_s, ItemName=ItemName_s, Profile=column_ifexists('Profile_d',''), Status=case(
+ ComplianceStatus_s == "Not Applicable", "Not Applicable",
+ tostring(ComplianceStatus_b)=="True", "Compliant",
+ "Non-Compliant"
+ ), ["ITSG Control"]=itsgcode_s, Definition=Definition_s,Mitigation=gr_geturl(replace_string(ctrlprefix," ",""),itsgcode_s)
+ | summarize Count=count(SubnetName) by Mandatory, ControlName_s, Status,ItemName, Profile, ['ITSG Control']
 "@
 $gr9query=@"
 let itsgcodes=GRITSGControls_CL | summarize arg_max(TimeGenerated, *) by itsgcode_s;
@@ -65,8 +77,12 @@ GuardrailsCompliance_CL
 | where ControlName_s has ctrlprefix and ReportTime_s == "{0}"
 | where TimeGenerated > ago (12h)
 |join kind=inner (itsgcodes) on itsgcode_s
- | project Mandatory=Required_s,ControlName_s, ['VNet Name']= column_ifexists('VNETName_s', ''), ItemName=ItemName_s, Status=iif(tostring(ComplianceStatus_b)=="True", 'Compliant', 'Non-Compliant'), ["ITSG Control"]=itsgcode_s, Definition=Definition_s,Mitigation=gr_geturl(replace_string(ctrlprefix," ",""),itsgcode_s)
- | summarize Count=count('VNet Name') by Mandatory,ControlName_s, Status, ItemName,['ITSG Control']
+ | project Mandatory=Required_s,ControlName_s, ['VNet Name']= column_ifexists('VNETName_s', ''), ItemName=ItemName_s, Profile=column_ifexists('Profile_d',''), Status=case(
+ ComplianceStatus_s == "Not Applicable", "Not Applicable",
+ tostring(ComplianceStatus_b)=="True", "Compliant",
+ "Non-Compliant"
+ ), ["ITSG Control"]=itsgcode_s, Definition=Definition_s,Mitigation=gr_geturl(replace_string(ctrlprefix," ",""),itsgcode_s)
+ | summarize Count=count('VNet Name') by Mandatory,ControlName_s, Status, ItemName, Profile, ['ITSG Control']
 "@
 [PSCustomObject] $FinalObjectList = New-Object System.Collections.ArrayList
 foreach ($ws in $wsidList.wsid)
diff --git a/tools/CentralView/setup/IaC/modules/law.bicep b/tools/CentralView/setup/IaC/modules/law.bicep
index 495c2c2c..f9e1c95f 100644
--- a/tools/CentralView/setup/IaC/modules/law.bicep
+++ b/tools/CentralView/setup/IaC/modules/law.bicep
@@ -93,7 +93,7 @@ var wbConfig1 ='''
 "type": 3,
 "content": {
 "version": "KqlItem/1.0",
- "query": "let mrt=GuardrailsTenantsCompliance_CL \n| summarize mrt=max(ReportTime_s);\nGuardrailsTenantsCompliance_CL \n| where ReportTime_s == toscalar(mrt) and TenantDomain_s == \"{Tenants}\" \n| parse ControlName_s_s with * \"GUARDRAIL\" number \":\" rest\n| project-away rest\n| extend Mandatory=iff(Mandatory_s != \"\", iff(Mandatory_s==\"True\",\" (M)\", \" (R)\"),\" - N/A\")\n| summarize by Control=ControlName_s_s, Mandatory=Mandatory_s, ItemName=strcat(ItemName_s, Mandatory),[\"ITSG Control\"]=ITSG_Control_s,Status=Status_s, number\n| sort by toint(number) asc\n| project-away number",
+ "query": "let mrt=GuardrailsTenantsCompliance_CL \n| summarize mrt=max(ReportTime_s);\nGuardrailsTenantsCompliance_CL \n| where ReportTime_s == toscalar(mrt) and TenantDomain_s == \"{Tenants}\" \n| parse ControlName_s_s with * \"GUARDRAIL\" number \":\" rest\n| project-away rest\n| extend Mandatory=iff(Mandatory_s != \"\", iff(Mandatory_s==\"True\",\" (M)\", \" (R)\"),\" - N/A\")\n| summarize by Control=ControlName_s_s, Mandatory=Mandatory_s, ItemName=strcat(ItemName_s, Mandatory),[\"ITSG Control\"]=ITSG_Control_s,Status=Status_s, Profile=Profile_s, number\n| sort by toint(number) asc\n| project-away number",
 "size": 2,
 "timeContext": {
 "durationMs": 43200000
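Review bot: The workbook query now groups by `Profile=Profile_s` without a guard, so it will fail to resolve until `GuardrailsTenantsCompliance_CL` has received at least one record with a Profile value; before that the column does not exist. The ingest module in this same commit reads the source as `Profile_d` with an empty-string fallback, so which suffix the central table ends up with depends on how the value is serialised on upload, which is not visible here. `Profile=column_ifexists('Profile_s','')` would keep the compliance view rendering for deployments that have not yet ingested the new field. It is also worth confirming that an uploaded Profile lands in a string column. The wbConfig1 string continues outside this hunk.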