Azure Security as Code is a set of scripts to define your azure security governance as code and avoid manual settings of permissions and avoiding configuration drift.

This library is created in a modular fashion where each module will deliver the functionality for security governance of a specific Azure resource type

Current Azure resource types supported

Resource Groups
Security Groups
Azure SQL
Keyvault

Future Azure resource types on backlog

Azure Datalake
Others

If you have preferences on other resource types let us known in the issues.

Usage

Usage in general

Prerequisites

install yaml module needed to generate yaml outputs

Install-Module Azure-SecurityAsCode

Login with Azure CLI and select your subscription

az login

Check available cmdlets

Get-Command -Module Azure-SecurityAsCode

Usage Resource Group Download

Run 1 resource group or all

Get-Asac-AllResourceGroups

#or

Process-Asac-ResourceGroup -resourcegroup "resourcegroupName"

For more information, please see the Wiki

About

Scripts to define your azure security governance as code and avoid manual settings of permissions and avoiding configuration drift

MIT License

Languages

Language:PowerShell 97.8%Language:SQLPL 1.0%Language:Shell 0.8%Language:PLpgSQL 0.3%