- Installation
- Virtual Machines
* VM-UTIL: List all virtual machines
* VM-UTIL: List all stopped virtual machines
* VM-UTIL: Check status of all virtual machines
* VM-UTIL: Get all ip addresses from stopped virtual machines
* VM-UTIL: List all snapshots in the date specified
* VM-SEC: List all snapshot in the date specified and without encryption
* VM-SEC: List SecurityGroups with SSH (22) open to Internet
* VM-SEC: List all server certificates - Keys & Access Management
* KAM-UTIL: List all policies
* KAM-UTIL: List all groups
* KAM-UTIL: Get users for a specified for a given group
* KAM-SEC: Check if user has MFA enabled
* KAM-SEC: Check if user has MFA enabled
* KAM-SEC: Check users with no MFA enabled - Storage
* STR-UTIL: List all storages
* STR-UTIL: Check alerts for storage accounts - SQL
* SQL-SEC: Check if a database has transparent data encryption enabled
Ref: https://docs.microsoft.com/es-es/cli/azure/?view=azure-cli-latest
Function | Command |
---|---|
Install az on Windows |
Download MSI |
Install az on Mac |
brew install azure-cli |
Install az on Linux |
apt-get install azure-cli |
Configuring awscli | az login |
az vm list
az vm list -d \
--query "[?powerState=='VM deallocated'] || [?powerState=='VM stopped'] || [?powerState=='VM unknown']"
az vm list -d \
--query "[].[name, powerState]"
az vm list -d \
--query "[?powerState=='VM deallocated'].[name, powerState, publicIps] || [?powerState=='VM stopped'].[name, powerState, publicIps] || [?powerState=='VM unknown'].[name, powerState, publicIps]"
az snapshot list \
--query "[?timeCreated >= '2019-06-02']"
az snapshot list \
--query "[?timeCreated >= '2019-06-02'] && [?encryptionSettingsCollection==null]"
az network nsg list \
--query "[?securityRules[?access == 'Allow']].[name] && [?securityRules[?destinationPortRange == '22']].[name]"
az keyvault list \
--query "[].[vaultName] \
--out tsv"\
|xargs -I {} bash -c 'if [[ $(az keyvault certificate list --vault-name {}) ]]; then echo {} ; fi
az policy definition list
az group list
az ad group member list \
--group {name}
$Msolcred = Get-credential
Connect-MsolService -Credential $MsolCred
Get-MsolUser -All | where {$_.StrongAuthenticationMethods -ne $null} | Select-Object -Property UserPrincipalName, DisplayName
Get-MsolUser -All | where {$_.StrongAuthenticationMethods.Count -eq 0} | Select-Object -Property UserPrincipalName, DisplayName
az storage account list
az security alert list \
--query "[?contains(extendedProperties.resourceType, 'Storage')]"
az sql db tde show \
--server {name} \
--resource-group {name} \
--database {name}