azure:azure_security_assessments

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revision Previous revision
Next revision		 Previous revision
azure:azure_security_assessments [2025/05/28 19:03] – [List All Resources] mmuzeazure:azure_security_assessments [2025/06/25 18:59] (current) – [List Azure Role Assignments] mmuze
Line 4: Line 4:
   * [[azure:azure_resource_graph_explorer|Azure Resource Graph Explorer]]   * [[azure:azure_resource_graph_explorer|Azure Resource Graph Explorer]]
   * [[https://github.com/microsoft/ARI]]   * [[https://github.com/microsoft/ARI]]
 +
 +====== Methodology ======
 +To begin an assessment list all resources that are in all subscriptions that are in scope to get a sense of the environment.
 +
  
 ====== List All Resources ====== ====== List All Resources ======
Line 15: Line 19:
 } }
  
-$resources | convert-to-json | out-file " . \resources.json"+$resources | convert-to-json | out-file " . \resources.json" -encoding utf8
 </code> </code>
  
 == List All Resource Types == == List All Resource Types ==
 +Output a unique list of resource types
 <code> <code>
-jq.exe 'map(.ResourceType) | unique' resources.json+jq 'map(.ResourceType) | unique' resources.json
 </code> </code>
  
Line 65: Line 69:
 </code> </code>
  
 +<code>
 + az role assignment list --role "User Access Administrator" --scope "/providers/Microsoft.Management/managementGroups/<id guid>"
 +</code>
 ====== Tools ====== ====== Tools ======
   * [[https://github.com/microsoft/ARI]], inventory tool   * [[https://github.com/microsoft/ARI]], inventory tool
  
  • azure/azure_security_assessments.1748458989.txt.gz
  • Last modified: 2025/05/28 19:03
  • by mmuze