Method Name: Get-AzSKInfo (GAI)
Input Parameters:
Name Alias Value
InfoType it HostInfo
You can also use: gai -it "HostInfo"
Running AzSK cmdlet using Nevjestic-IT policy...
Fetching configuration details from the host machine...
Loaded PowerShell modules
Name Description
Az.Accounts Microsoft Azure PowerShell - Accounts credential management cmdlets for Azure Resource Manager in Windows PowerShell and PowerShell Core.…
Az.AnalysisServices Microsoft Azure PowerShell - Analysis Services cmdlets for Windows PowerShell and PowerShell Core.…
Az.ApiManagement Microsoft Azure PowerShell - Api Management service cmdlets for Azure Resource Manager in Windows PowerShell and PowerShell Core.…
Az.ApplicationInsights Microsoft Azure PowerShell - Application Insights management cmdlets for Azure Resource Manager in Windows PowerShell and PowerShell Core. Creat…Az.Automation Microsoft Azure PowerShell - Automation service cmdlets for Azure Resource Manager in Windows PowerShell and PowerShell Core.…
Az.Batch Microsoft Azure PowerShell - Batch service cmdlets for Azure Resource Manager in Windows PowerShell and PowerShell Core.…
Az.Cdn Microsoft Azure PowerShell - CDN service cmdlets for Azure Resource Manager in Windows PowerShell and PowerShell Core.…
Az.Compute Microsoft Azure PowerShell - Compute service cmdlets for Azure Resource Manager in Windows PowerShell and PowerShell Core. Manages virtual machi…Az.ContainerInstance Microsoft Azure PowerShell - Container Instance cmdlets for Azure Resource Manager in Windows PowerShell and PowerShell Core.…
Az.ContainerRegistry Microsoft Azure PowerShell - Container Registry service cmdlets for Azure Resource Manager in Windows PowerShell and PowerShell Core.…
Az.DataFactory Microsoft Azure PowerShell - Data Factory service cmdlets for Azure Resource Manager in Windows PowerShell and PowerShell Core.…
Az.DataLakeAnalytics Microsoft Azure PowerShell - Data Lake Analytics in Windows PowerShell and PowerShell Core.…
Az.DataLakeStore Microsoft Azure PowerShell - Azure Data Lake Store cmdlets in Windows PowerShell and PowerShell Core.…
Az.EventHub Microsoft Azure PowerShell - Event Hubs service cmdlets for Azure Resource Manager in Windows PowerShell and PowerShell Core.…
Az.HDInsight Microsoft Azure PowerShell - HDInsight service cmdlets for Azure Resource Manager in Windows PowerShell and PowerShell Core.…
Az.KeyVault Microsoft Azure PowerShell - Key Vault service cmdlets for Azure Resource Manager in Windows PowerShell and PowerShell Core.…
Az.LogicApp Microsoft Azure PowerShell - Logic Apps cmdlets for Azure Resource Manager in Windows PowerShell and PowerShell Core.…
Az.Monitor Microsoft Azure PowerShell - Monitor service cmdlets for Azure Resource Manager in Windows PowerShell and PowerShell Core.…
Az.Network Microsoft Azure PowerShell - Networking service cmdlets for Azure Resource Manager in Windows PowerShell and PowerShell Core.…
Az.NotificationHubs Microsoft Azure PowerShell - Notification Hubs cmdlets for Azure Resource Manager in Windows PowerShell and PowerShell Core.…
Az.OperationalInsights Microsoft Azure PowerShell - Operational Insights service cmdlets for Azure Resource Manager in Windows PowerShell and PowerShell Core.
Az.PolicyInsights Microsoft Azure PowerShell - Azure Policy Insights cmdlets for Windows PowerShell and PowerShell Core. Allows querying policy evaluation events a…Az.RedisCache Microsoft Azure PowerShell - Redis Cache service cmdlets for Azure Resource Manager in Windows PowerShell and PowerShell Core.…
Az.Resources Microsoft Azure PowerShell - Azure Resource Manager and Active Directory cmdlets in Windows PowerShell and PowerShell Core. Manages subscription…Az.ServiceBus Microsoft Azure PowerShell - Service Bus service cmdlets for Azure Resource Manager in Windows PowerShell and PowerShell Core.…
Az.ServiceFabric Microsoft Azure PowerShell - Service Fabric cmdlets for Azure Resource Manager in Windows PowerShell and PowerShell Core.…
Az.Sql Microsoft Azure PowerShell - SQL service cmdlets for Azure Resource Manager in Windows PowerShell and PowerShell Core.…
Az.Storage Microsoft Azure PowerShell - Storage service data plane and management cmdlets for Azure Resource Manager in Windows PowerShell and PowerShell Co…Az.StreamAnalytics Microsoft Azure PowerShell - Stream Analytics service cmdlets for Azure Resource Manager in Windows PowerShell and PowerShell Core.…
Az.TrafficManager Microsoft Azure PowerShell - Traffic Manager service cmdlets for Azure Resource Manager in Windows PowerShell and PowerShell Core.…
Az.Websites Microsoft Azure PowerShell - App Service (Web Apps) service cmdlets for Azure Resource Manager in Windows PowerShell and PowerShell Core.…
AzSK Secure DevOps Kit for Azure (AzSK)
Microsoft.PowerShell.Management
Microsoft.PowerShell.Security
Microsoft.PowerShell.Utility
PackageManagement PackageManagement (a.k.a. OneGet) is a new way to discover and install software packages from around the web.…
PowerShellEditorServices.Commands Provides internal commands for PowerShell Editor Services that only work in an editor session.
PowerShellEditorServices.VSCode Provides added functionality to PowerShell Editor Services for the Visual Studio Code editor.
PowerShellGet PowerShell module with commands for discovering, installing, updating and publishing the PowerShell artifacts like Modules, DSC Resources, Role C…PSReadLine Great command line editing in the PowerShell console host
I've followed to the T instructions 1-6 listed: https://github.com/azsk/DevOpsKit-docs/blob/master/07-Customizing-AzSK-for-your-Org/Extending%20AzSK%20Module/Readme.md#steps-to-extend-the-control-svt
I have setup my own Org prior to running these steps. Below is the output of running:
Get-AzSKInfo -InfoType HostInfo
================================================================================ AzSK Version: 4.10.0
Method Name: Get-AzSKInfo (GAI) Input Parameters: Name Alias Value
InfoType it HostInfo
You can also use: gai -it "HostInfo"
Running AzSK cmdlet using Nevjestic-IT policy...
Fetching configuration details from the host machine...
Loaded PowerShell modules
Name Description
Az.Accounts Microsoft Azure PowerShell - Accounts credential management cmdlets for Azure Resource Manager in Windows PowerShell and PowerShell Core.…
Az.AnalysisServices Microsoft Azure PowerShell - Analysis Services cmdlets for Windows PowerShell and PowerShell Core.… Az.ApiManagement Microsoft Azure PowerShell - Api Management service cmdlets for Azure Resource Manager in Windows PowerShell and PowerShell Core.… Az.ApplicationInsights Microsoft Azure PowerShell - Application Insights management cmdlets for Azure Resource Manager in Windows PowerShell and PowerShell Core. Creat…Az.Automation Microsoft Azure PowerShell - Automation service cmdlets for Azure Resource Manager in Windows PowerShell and PowerShell Core.… Az.Batch Microsoft Azure PowerShell - Batch service cmdlets for Azure Resource Manager in Windows PowerShell and PowerShell Core.… Az.Cdn Microsoft Azure PowerShell - CDN service cmdlets for Azure Resource Manager in Windows PowerShell and PowerShell Core.… Az.Compute Microsoft Azure PowerShell - Compute service cmdlets for Azure Resource Manager in Windows PowerShell and PowerShell Core. Manages virtual machi…Az.ContainerInstance Microsoft Azure PowerShell - Container Instance cmdlets for Azure Resource Manager in Windows PowerShell and PowerShell Core.… Az.ContainerRegistry Microsoft Azure PowerShell - Container Registry service cmdlets for Azure Resource Manager in Windows PowerShell and PowerShell Core.… Az.DataFactory Microsoft Azure PowerShell - Data Factory service cmdlets for Azure Resource Manager in Windows PowerShell and PowerShell Core.… Az.DataLakeAnalytics Microsoft Azure PowerShell - Data Lake Analytics in Windows PowerShell and PowerShell Core.… Az.DataLakeStore Microsoft Azure PowerShell - Azure Data Lake Store cmdlets in Windows PowerShell and PowerShell Core.… Az.EventHub Microsoft Azure PowerShell - Event Hubs service cmdlets for Azure Resource Manager in Windows PowerShell and PowerShell Core.… Az.HDInsight Microsoft Azure PowerShell - HDInsight service cmdlets for Azure Resource Manager in Windows PowerShell and PowerShell Core.… Az.KeyVault Microsoft Azure PowerShell - Key Vault service cmdlets for Azure Resource Manager in Windows PowerShell and PowerShell Core.… Az.LogicApp Microsoft Azure PowerShell - Logic Apps cmdlets for Azure Resource Manager in Windows PowerShell and PowerShell Core.… Az.Monitor Microsoft Azure PowerShell - Monitor service cmdlets for Azure Resource Manager in Windows PowerShell and PowerShell Core.… Az.Network Microsoft Azure PowerShell - Networking service cmdlets for Azure Resource Manager in Windows PowerShell and PowerShell Core.… Az.NotificationHubs Microsoft Azure PowerShell - Notification Hubs cmdlets for Azure Resource Manager in Windows PowerShell and PowerShell Core.… Az.OperationalInsights Microsoft Azure PowerShell - Operational Insights service cmdlets for Azure Resource Manager in Windows PowerShell and PowerShell Core. Az.PolicyInsights Microsoft Azure PowerShell - Azure Policy Insights cmdlets for Windows PowerShell and PowerShell Core. Allows querying policy evaluation events a…Az.RedisCache Microsoft Azure PowerShell - Redis Cache service cmdlets for Azure Resource Manager in Windows PowerShell and PowerShell Core.… Az.Resources Microsoft Azure PowerShell - Azure Resource Manager and Active Directory cmdlets in Windows PowerShell and PowerShell Core. Manages subscription…Az.ServiceBus Microsoft Azure PowerShell - Service Bus service cmdlets for Azure Resource Manager in Windows PowerShell and PowerShell Core.… Az.ServiceFabric Microsoft Azure PowerShell - Service Fabric cmdlets for Azure Resource Manager in Windows PowerShell and PowerShell Core.… Az.Sql Microsoft Azure PowerShell - SQL service cmdlets for Azure Resource Manager in Windows PowerShell and PowerShell Core.… Az.Storage Microsoft Azure PowerShell - Storage service data plane and management cmdlets for Azure Resource Manager in Windows PowerShell and PowerShell Co…Az.StreamAnalytics Microsoft Azure PowerShell - Stream Analytics service cmdlets for Azure Resource Manager in Windows PowerShell and PowerShell Core.… Az.TrafficManager Microsoft Azure PowerShell - Traffic Manager service cmdlets for Azure Resource Manager in Windows PowerShell and PowerShell Core.… Az.Websites Microsoft Azure PowerShell - App Service (Web Apps) service cmdlets for Azure Resource Manager in Windows PowerShell and PowerShell Core.…
AzSK Secure DevOps Kit for Azure (AzSK) Microsoft.PowerShell.Management Microsoft.PowerShell.Security Microsoft.PowerShell.Utility PackageManagement PackageManagement (a.k.a. OneGet) is a new way to discover and install software packages from around the web.… PowerShellEditorServices.Commands Provides internal commands for PowerShell Editor Services that only work in an editor session. PowerShellEditorServices.VSCode Provides added functionality to PowerShell Editor Services for the Visual Studio Code editor. PowerShellGet PowerShell module with commands for discovering, installing, updating and publishing the PowerShell artifacts like Modules, DSC Resources, Role C…PSReadLine Great command line editing in the PowerShell console host
Logged-in user context
Id Type
someUserRemoved User
AzSK Settings
LAWSId : LAWSSharedKey : AltLAWSId : AltLAWSSharedKey : LAType : LASource : EventHubNamespace : EventHubName : EventHubSendKeyName : EventHubSendKey : EventHubType : EventHubSource : WebhookUrl : WebhookAuthZHeaderName : WebhookAuthZHeaderValue : WebhookType : WebhookSource : AutoUpdateCommand : iwr 'https://azsknevjesticitsa.blob.core.windows.net/installer/AzSK-EasyInstaller.ps1' -UseBasicParsing | iex AutoUpdateSwitch : NotSet OutputFolderPath : AllowSelfSignedWebhookCertificate : False EnableAADAuthForOnlinePolicyStore : False UseOnlinePolicyStore : True OnlinePolicyStoreUrl : https://azsknevjesticitsa.blob.core.windows.net/policies/$($Version)/$($FileName)removedSAS AzureEnvironment : AzureCloud UsageTelemetryLevel : Anonymous LocalControlTelemetryKey : 00000000-0000-0000-0000-000000000000 LocalEnableControlTelemetry : False PrivacyNoticeAccepted : True IsSAW : False IsCentralScanModeOn : False StoreComplianceSummaryInUserSubscriptions : False
AzSK Configurations
MaintenanceMessage : WARNING: We are making some improvements to the 4.10.0 module. It is currently unavailable but will be back in action soon. AzSKRGName : AzSKRG AzSKRepoURL : https://www.powershellgallery.com AzSKServerVersion : 4.10.0 SubscriptionMandatoryTags : {Mandatory} ERvNetResourceGroupNames : UpdateCompatibleCCVersion : 1.0.0 AzSKApiBaseURL : PublishVulnDataToApi : False ControlTelemetryKey : 43d3e985-1425-4ac3-bb59-d11188c4d108 EnableControlTelemetry : True PolicyMessage : Running AzSK cmdlet using **Nevjestic-IT policy... AzSKLocation : eastus2 InstallationCommand : iwr 'https://azsknevjesticitsa.blob.core.windows.net/installer/AzSK-EasyInstaller.ps1' -UseBasicParsing | iex PublicPSGalleryUrl : https://www.powershellgallery.com AzSKCARunbookVersion : 3.1902.0 AzSKCAMinReqdRunbookVersion : 3.1902.0 AzSKAlertsMinReqdVersion : 3.1803.0 AzSKARMPolMinReqdVersion : 3.1809.0 PrivacyAcceptedSources : {} OutputFolderPath : BackwardCompatibleVersionCount : 2 DefaultControlExculdeTags : {Information} DefaultControlFiltersTags : {} AzSKVersionList : {} CAScanIntervalInHours : 24 ConfigSchemaBaseVersion : 3.1803.0 AzSKASCMinReqdVersion : 2.1709.0 AllowSelfSignedWebhookCertificate : False EnableDevOpsKitSetupCheck : False UpdateToLatestVersion : False CASetupRunbookURL : https://azsknevjesticitsa.blob.core.windows.net/policies/1.0.0/RunbookCoreSetup.ps1?**removedSASfromHere AzSKConfigURL : https://azsknevjesticitsa.blob.core.windows.net/policies/1.0.0/AzSK.Pre.json?removedSASformhere IsAlertMonitoringEnabled : False SupportDL : azsksupext@microsoft.com RunbookScanAgentBaseVersion : 1.0.0 PolicyOrgName : Nevjestic-IT StoreComplianceSummaryInUserSubscriptions : False LatestPSGalleryVersion : 4.10.0 SchemaTemplateURL : https://azsdkossep.azureedge.net/schemas/3.1803.0/ EnableAzurePolicyBasedScan : False AzSKInitiativeName : AzSKInitiative-Preview AzSKSecurityCenterInitiativeName : 1f3afdf9-d0c9-4c3d-847f-89da613e70a8
Az context
@{ "Subscription" = @{ "CurrentStorageAccount" = $Null; "CurrentStorageAccountName" = $Null; "ExtendedProperties" = @{ "Environment" = "AzureCloud"; "Account" = "sanitised"; "Tenants" = "sanitised" }; "Id" = "sanitised"; "Name" = "nevjestic-msft-internal"; "State" = "Enabled"; "SubscriptionId" = "sanitised"; "TenantId" = "sanitised" }; "Tenant" = @{ "ExtendedProperties" = @{}; "Id" = "sanitised"; "TenantId" = "sanitised" } }
Error: When running below command:
Get-AzSKSubscriptionSecurityStatus -SubscriptionId '' -ControlIds 'Azure_Subscription_AuthZ_Limit_Admin_Count_Ext'
No controls have been found to evaluate for Subscription