Azure / Community-Policy

This repo is for Microsoft Azure customers and Microsoft teams to collaborate in making custom policies.
MIT License

Validate in the pipeline that policy id is not equal to any built-in policies #469

Closed Joshua-Donovan closed 2 months ago

Joshua-Donovan commented 2 months ago

393

Updated Built-In Name / GUID validation check to use a public resource that does not require us to maintain an authorization token like the GitHub APIs would require.

Also updated dependencies to the latest versions.

Joshua-Donovan commented 2 months ago

Previous recommendation from pull request #425 to use the CSV export from azadvertizer would have required parsing the CSV.

Wouldn't it be possible to check the GUID against https://www.azadvertizer.net/azpolicyadvertizer-comma.csv for uniqueness? In this case we wouldn't need any permissions or access tokens. The CSV file is updated daily against Azure (built-in), ALZ, AMBA and Community Policies.

I found it easier in bash to use jq to parse the JSON response from https://www.azadvertizer.net/AzPolicyAdvertizerRuleThemAllData.json instead of parsing the CSV for this use case.
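A sketch of the uniqueness check discussed in this thread, as an added example that is not code from this pull request (which uses bash and jq; this version is Python so it runs without extra tools). The layout of the published JSON is not shown on this page, so the code assumes nothing about it and treats any GUID-shaped string in the file as taken; the sample dataset, GUIDs and file names are constructed.

```python
import json
import re

GUID_RE = re.compile(r"[0-9a-f]{8}(-[0-9a-f]{4}){3}-[0-9a-f]{12}")

# Constructed sample; the real file's layout is not shown on this page.
SAMPLE_DATASET = json.dumps({
    "policies": [
        {"id": "/providers/Microsoft.Authorization/policyDefinitions/"
               "AAAAAAAA-0000-0000-0000-000000000001", "type": "BuiltIn"},
        {"name": "aaaaaaaa-0000-0000-0000-000000000002", "type": "BuiltIn"},
    ]
})


def collect_guids(node, found=None):
    """Collect every GUID-shaped string in a parsed JSON tree, keys included."""
    found = set() if found is None else found
    if isinstance(node, dict):
        for key, value in node.items():
            collect_guids(key, found)
            collect_guids(value, found)
    elif isinstance(node, list):
        for item in node:
            collect_guids(item, found)
    elif isinstance(node, str):
        # A policy may appear as a bare GUID or as the tail of a resource id.
        tail = node.rsplit("/", 1)[-1].strip().lower()
        if GUID_RE.fullmatch(tail):
            found.add(tail)
    return found


def find_collisions(candidates, dataset_text):
    """Return {file: guid} for candidate policy names already in the dataset."""
    taken = collect_guids(json.loads(dataset_text))
    if not taken:
        # Fail closed: an empty or reshaped download must not pass the check.
        raise ValueError("no GUIDs found in dataset; refusing to validate")
    return {path: name for path, name in candidates.items()
            if name.strip().lower() in taken}


if __name__ == "__main__":
    # Hypothetical policy files mapped to the "name" GUID each one declares.
    submitted = {"policy-a.json": "AAAAAAAA-0000-0000-0000-000000000001",
                 "policy-b.json": "bbbbbbbb-0000-0000-0000-000000000009"}
    print(find_collisions(submitted, SAMPLE_DATASET))
```

Comparison is case-insensitive, and a dataset that yields no GUIDs at all raises an error instead of passing every submission.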