Giters

swiftsolves-msft / RiskyAPIs

Can be used when testing a newly created custom role, to see if there are inadvertent permissions granted on known risky Azure Management APIs.

Geek Repo:Geek Repo

Github PK Tool:Github PK Tool

Analyze-CustomRoleDefinition

author: Nathan Swift

New Azure Portal UI experience for creating and editing custom roles is avaliable!

Can be used when testing a newly created custom role, to see if there are inadvertent permissions granted on known risky Azure management APIs.

Longer term goals include:

  • Community driven effort to build .csv or undefined template file you can import that defines risky APIs with some context, classification, and why
  • A documented scenario where triggered alert of a new custom role definition executes script.

Click Image Below to redirect to Azure Security Compass - @MarkSimos

About

Can be used when testing a newly created custom role, to see if there are inadvertent permissions granted on known risky Azure Management APIs.

Languages

Language:PowerShell 100.0%