From 99032730b5c32be40a688420110893884d101f36 Mon Sep 17 00:00:00 2001 From: robbwilcox Date: Sat, 5 Oct 2024 12:27:45 -0500 Subject: [PATCH] Move --- .../Check-AppRoles.ps1 | 0 .../Get-AzureRoles.ps1 | 0 .../clean_csv.ps1 | 0 .../data/TestResults.csv | 3 + AzureRoleAnalyzingScripts/output/item.txt | 1 + .../output/msvoc-backend_results.txt | 135 ++++++++++++++++++ .../output/msvoc-backend_results.txt.raw | 40 ++++++ .../parse_logs.ps1 | 0 .../permissions_analysis_results.txt | Bin .../required_roles.txt | 0 Hello.ps1 | 1 - 11 files changed, 179 insertions(+), 1 deletion(-) rename Check-AppRoles.ps1 => AzureRoleAnalyzingScripts/Check-AppRoles.ps1 (100%) rename Get-AzureRoles.ps1 => AzureRoleAnalyzingScripts/Get-AzureRoles.ps1 (100%) rename clean_csv.ps1 => AzureRoleAnalyzingScripts/clean_csv.ps1 (100%) create mode 100644 AzureRoleAnalyzingScripts/data/TestResults.csv create mode 100644 AzureRoleAnalyzingScripts/output/item.txt create mode 100644 AzureRoleAnalyzingScripts/output/msvoc-backend_results.txt create mode 100644 AzureRoleAnalyzingScripts/output/msvoc-backend_results.txt.raw rename parse_logs.ps1 => AzureRoleAnalyzingScripts/parse_logs.ps1 (100%) rename permissions_analysis_results.txt => AzureRoleAnalyzingScripts/permissions_analysis_results.txt (100%) rename required_roles.txt => AzureRoleAnalyzingScripts/required_roles.txt (100%) delete mode 100644 Hello.ps1 diff --git a/Check-AppRoles.ps1 b/AzureRoleAnalyzingScripts/Check-AppRoles.ps1 similarity index 100% rename from Check-AppRoles.ps1 rename to AzureRoleAnalyzingScripts/Check-AppRoles.ps1 diff --git a/Get-AzureRoles.ps1 b/AzureRoleAnalyzingScripts/Get-AzureRoles.ps1 similarity index 100% rename from Get-AzureRoles.ps1 rename to AzureRoleAnalyzingScripts/Get-AzureRoles.ps1 diff --git a/clean_csv.ps1 b/AzureRoleAnalyzingScripts/clean_csv.ps1 similarity index 100% rename from clean_csv.ps1 rename to AzureRoleAnalyzingScripts/clean_csv.ps1 diff --git a/AzureRoleAnalyzingScripts/data/TestResults.csv b/AzureRoleAnalyzingScripts/data/TestResults.csv new file mode 100644 index 0000000..366f453 --- /dev/null +++ b/AzureRoleAnalyzingScripts/data/TestResults.csv @@ -0,0 +1,3 @@ +Correlation id,Operation name,Status,Event category,Level,Time,Subscription,Event initiated by,Resource type,Resource group,Resource +7fec9c56-7671-47f7-9345-ce186dd9d3c1,List Storage Account Keys,Succeeded,Administrative,Informational,2024-10-01T19:33:20.668Z,040698c2-a013-45be-b1fa-e975f46b9d63,BackupFairFax,Microsoft.Storage/storageAccounts,mvdtadt5-onpremtest,/subscriptions/040698c2-a013-45be-b1fa-e975f46b9d63/resourceGroups/mvdtadt5-onpremtest/providers/Microsoft.Storage/storageAccounts/mvdtadt5profilesstr +7fec9c56-7671-47f7-9345-ce186dd9d3c1,List Storage Account Keys,Started,Administrative,Informational,2024-10-01T19:33:20.621Z,040698c2-a013-45be-b1fa-e975f46b9d63,BackupFairFax,Microsoft.Storage/storageAccounts,mvdtadt5-onpremtest,/subscriptions/040698c2-a013-45be-b1fa-e975f46b9d63/resourceGroups/mvdtadt5-onpremtest/providers/Microsoft.Storage/storageAccounts/mvdtadt5profilesstr diff --git a/AzureRoleAnalyzingScripts/output/item.txt b/AzureRoleAnalyzingScripts/output/item.txt new file mode 100644 index 0000000..a71b88c --- /dev/null +++ b/AzureRoleAnalyzingScripts/output/item.txt @@ -0,0 +1 @@ +Microsoft.Web/sites/config \ No newline at end of file diff --git a/AzureRoleAnalyzingScripts/output/msvoc-backend_results.txt b/AzureRoleAnalyzingScripts/output/msvoc-backend_results.txt new file mode 100644 index 0000000..cf7764d --- /dev/null +++ b/AzureRoleAnalyzingScripts/output/msvoc-backend_results.txt @@ -0,0 +1,135 @@ +Application: msvoc-backend +------------------------ + Resource Type: Microsoft.Insights/dataCollectionEndpoints + - Create or update data collection endpoint + Resource Type: Microsoft.Web/sites/host + - List Web Apps Functions Host Keys + Resource Type: Microsoft.Automation/automationAccounts/runbooks + - Create or Update an Azure Automation Runbook + Resource Type: Microsoft.Automation/automationAccounts/configurations + - Puts an Azure Automation DSC's content + Resource Type: Microsoft.Compute/virtualMachines + - 'auditIfNotExists' Policy action. + - 'audit' Policy action. + - Create or Update Virtual Machine + - Start Virtual Machine + - Get Virtual Machine + Resource Type: Microsoft.Web/sites + - 'auditIfNotExists' Policy action. + - Update website + - 'deployIfNotExists' Policy action. + - 'audit' Policy action. + Resource Type: Microsoft.ServiceBus/namespaces + - 'auditIfNotExists' Policy action. + - Create Or Update Namespace + - 'audit' Policy action. + Resource Type: Microsoft.DesktopVirtualization/applicationGroups + - Write applicationgroups + Resource Type: Microsoft.Storage/storageAccounts + - 'deployIfNotExists' Policy action. + - Update Storage Account Create + - 'auditIfNotExists' Policy action. + - 'audit' Policy action. + - List Storage Account Keys + - Get Storage Account(s) List + Resource Type: Microsoft.AppConfiguration/configurationStores + - 'audit' Policy action. + - 'auditIfNotExists' Policy action. + - Create or Update Configuration Store + - Get Configuration Store or List Configuration Stores + - Delete Configuration Store + - Delete role assignment + Resource Type: Microsoft.Automation/automationAccounts + - Create or Update an Azure Automation account + - Gets the Keys for the automation account + Resource Type: Microsoft.KeyVault/vaults + - 'auditIfNotExists' Policy action. + - Update Key Vault + - 'deployIfNotExists' Policy action. + - 'audit' Policy action. + - Delete Key Vault + - Delete role assignment + Resource Type: Microsoft.Automation/automationAccounts/jobSchedules + - Create an Azure Automation job schedule + Resource Type: Microsoft.Automation/automationAccounts/schedules + - Create or Update an Azure Automation schedule asset + Resource Type: Microsoft.Automation/automationAccounts/compilationjobs + - Puts an Azure Automation DSC's Compilation + Resource Type: Microsoft.Web/serverfarms + - Update hosting plan + Resource Type: Microsoft.Insights/components + - Update insights component + Resource Type: Microsoft.Automation/automationAccounts/modules + - Create or Update an Azure Automation Powershell module + Resource Type: Microsoft.Web/sites/config + - Update web sites config + Resource Type: Microsoft.DesktopVirtualization/hostPools + - Write hostpools + - listRegistrationTokens + Resource Type: Microsoft.OperationalInsights/workspaces + - Create Workspace + Resource Type: Microsoft.DesktopVirtualization/workspaces + - Write workspaces + Resource Type: Microsoft.ManagedIdentity/userAssignedIdentities + - Update User Assigned Identity Create + Resource Type: Microsoft.Authorization/roleAssignments + - Create role assignment + Resource Type: Microsoft.Automation/automationAccounts/credentials + - Create or Update an Azure Automation credential asset + Resource Type: Microsoft.Automation/automationAccounts/variables + - Create or Update an Azure Automation variable asset + - Delete an Azure Automation variable asset + Resource Type: Microsoft.Compute/virtualMachines/extensions + - Get Virtual Machine Extension + - Create or Update Virtual Machine Extension + Resource Type: Microsoft.OperationalInsights/workspaces/dataSources + - Upsert Data Source + Resource Type: Microsoft.AppConfiguration/configurationStores/keyValues + - Write Key-Value + Resource Type: Microsoft.Insights/diagnosticSettings + - Create or update resource diagnostic setting + Resource Type: Microsoft.DesktopVirtualization/applicationGroups/desktops + - Desktops Write applicationgroups + Resource Type: Microsoft.ServiceBus/namespaces/queues + - Create or Update Queue + Resource Type: Microsoft.Storage/storageAccounts/blobServices/containers + - Put blob container + Resource Type: Microsoft.Storage/storageAccounts/fileServices/shares + - Put File Share + Resource Type: Microsoft.Storage/storageAccounts/blobServices + - Put blob service properties + Resource Type: Microsoft.Resources/subscriptions/resourcegroups + - Update resource group + - Delete data collection endpoint + - Delete resource group + - Delete Workspace + - Delete workspaces + - Delete applicationgroups + - Delete insights component + - Delete data collection rule + - Delete Smart Detector alert rule + - Delete Storage Account + - Delete role assignment + - Delete an Azure Automation account + - Delete User Assigned Identity + - Delete website + - Delete hostpools + - Delete Namespace + - Delete hosting plan + - Delete Configuration Store + Resource Type: Microsoft.Compute/disks + - Delete Disk + Resource Type: Microsoft.Network/networkInterfaces + - Delete Network Interface + Resource Type: Microsoft.KeyVault/locations/deletedVaults + - Purge Soft Deleted Key Vault + Resource Type: Microsoft.AppConfiguration/locations/deletedConfigurationStores + - Purge Deleted Configuration Store + +Total rows in CSV: 128634 +Rows processed: 16157 +Rows skipped (Started status, ignored operations, or non-matching application): 112477 +Ignored operations: Resume Databases, UpdateWebSite +Filtered by application: msvoc-backend + +Results have been saved to: msvoc-backend_results.txt diff --git a/AzureRoleAnalyzingScripts/output/msvoc-backend_results.txt.raw b/AzureRoleAnalyzingScripts/output/msvoc-backend_results.txt.raw new file mode 100644 index 0000000..4ebc99c --- /dev/null +++ b/AzureRoleAnalyzingScripts/output/msvoc-backend_results.txt.raw @@ -0,0 +1,40 @@ +Microsoft.Insights/dataCollectionEndpoints +Microsoft.Web/sites/host +Microsoft.Automation/automationAccounts/runbooks +Microsoft.Automation/automationAccounts/configurations +Microsoft.Compute/virtualMachines +Microsoft.Web/sites +Microsoft.ServiceBus/namespaces +Microsoft.DesktopVirtualization/applicationGroups +Microsoft.Storage/storageAccounts +Microsoft.AppConfiguration/configurationStores +Microsoft.Automation/automationAccounts +Microsoft.KeyVault/vaults +Microsoft.Automation/automationAccounts/jobSchedules +Microsoft.Automation/automationAccounts/schedules +Microsoft.Automation/automationAccounts/compilationjobs +Microsoft.Web/serverfarms +Microsoft.Insights/components +Microsoft.Automation/automationAccounts/modules +Microsoft.Web/sites/config +Microsoft.DesktopVirtualization/hostPools +Microsoft.OperationalInsights/workspaces +Microsoft.DesktopVirtualization/workspaces +Microsoft.ManagedIdentity/userAssignedIdentities +Microsoft.Authorization/roleAssignments +Microsoft.Automation/automationAccounts/credentials +Microsoft.Automation/automationAccounts/variables +Microsoft.Compute/virtualMachines/extensions +Microsoft.OperationalInsights/workspaces/dataSources +Microsoft.AppConfiguration/configurationStores/keyValues +Microsoft.Insights/diagnosticSettings +Microsoft.DesktopVirtualization/applicationGroups/desktops +Microsoft.ServiceBus/namespaces/queues +Microsoft.Storage/storageAccounts/blobServices/containers +Microsoft.Storage/storageAccounts/fileServices/shares +Microsoft.Storage/storageAccounts/blobServices +Microsoft.Resources/subscriptions/resourcegroups +Microsoft.Compute/disks +Microsoft.Network/networkInterfaces +Microsoft.KeyVault/locations/deletedVaults +Microsoft.AppConfiguration/locations/deletedConfigurationStores diff --git a/parse_logs.ps1 b/AzureRoleAnalyzingScripts/parse_logs.ps1 similarity index 100% rename from parse_logs.ps1 rename to AzureRoleAnalyzingScripts/parse_logs.ps1 diff --git a/permissions_analysis_results.txt b/AzureRoleAnalyzingScripts/permissions_analysis_results.txt similarity index 100% rename from permissions_analysis_results.txt rename to AzureRoleAnalyzingScripts/permissions_analysis_results.txt diff --git a/required_roles.txt b/AzureRoleAnalyzingScripts/required_roles.txt similarity index 100% rename from required_roles.txt rename to AzureRoleAnalyzingScripts/required_roles.txt diff --git a/Hello.ps1 b/Hello.ps1 deleted file mode 100644 index eff826d..0000000 --- a/Hello.ps1 +++ /dev/null @@ -1 +0,0 @@ -Write-Host "Hello World!" -ForegroundColor Blue \ No newline at end of file