-
Notifications
You must be signed in to change notification settings - Fork 239
/
az-connect-si.ps1
144 lines (131 loc) · 7.17 KB
/
az-connect-si.ps1
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
param(
[switch]$noprompt = $false, ## if -noprompt used then user will not be asked for any input
[switch]$noupdate = $false, ## if -noupdate used then module will not be checked for more recent version
[switch]$debug = $false ## if -debug create a log file
)
<# CIAOPS
Script provided as is. Use at own risk. No guarantees or warranty provided.
Description - Script designed to login to Azure resources
Source - https://github.com/directorcia/office365/blob/master/az-connect-si.ps1
Prerequisites = 1
1. Ensure Azure AZ.SecurityInsights module installed or updated
Allow custom scripts to run just for this instance
set-executionpolicy -executionpolicy bypass -scope currentuser -force
#>
#Region Variables
$systemmessagecolor = "cyan"
$processmessagecolor = "green"
$errormessagecolor = "red"
$warningmessagecolor = "yellow"
#EndRegion Variables
Clear-Host
if ($debug) {
write-host "Script activity logged at ..\az-connect-si.txt"
start-transcript "..\az-connect-si.txt" | Out-Null ## Log file created in parent directory that is overwritten on each run
}
write-host -foregroundcolor $systemmessagecolor "Azure Security Insights connection script started`n"
write-host -ForegroundColor $processmessagecolor "Prompt =",(-not $noprompt)
if (get-module -listavailable -name AZ.SecurityInsights) { ## Has the Azure PowerShell module been installed?
write-host -ForegroundColor $processmessagecolor "Azure Insights PowerShell module installed"
}
else {
write-host -ForegroundColor $warningmessagecolor -backgroundcolor $errormessagecolor "[001] - Azure Insights PowerShell module not installed`n"
if (-not $noprompt) {
do {
$response = read-host -Prompt "`nDo you wish to install the Azure Insights PowerShell module (Y/N)?"
} until (-not [string]::isnullorempty($response))
if ($result -eq 'Y' -or $result -eq 'y') {
write-host -foregroundcolor $processmessagecolor "Installing Azure Insights PowerShell module - Administration escalation required"
Start-Process powershell -Verb runAs -ArgumentList "install-Module -Name AZ.SecurityInsights -Force -confirm:$false" -wait -WindowStyle Hidden
write-host -foregroundcolor $processmessagecolor "Azure PowerShell Insights module installed"
}
else {
write-host -foregroundcolor $processmessagecolor "Terminating script"
if ($debug) {
Stop-Transcript | Out-Null ## Terminate transcription
}
exit 1 ## Terminate script
}
}
else {
write-host -foregroundcolor $processmessagecolor "Installing Azure Insights PowerShell module - Administration escalation required"
Start-Process powershell -Verb runAs -ArgumentList "install-Module -Name AZ.SecurityInsights -Force -confirm:$false" -wait -WindowStyle Hidden
write-host -foregroundcolor $processmessagecolor "Azure PowerShell Insights module installed"
}
}
if (-not $noupdate) {
write-host -foregroundcolor $processmessagecolor "Check whether newer version of Azure Insights PowerShell module is available"
#get version of the module (selects the first if there are more versions installed)
$version = (Get-InstalledModule -name AZ.SecurityInsights) | Sort-Object Version -Descending | Select-Object Version -First 1
#get version of the module in psgallery
$psgalleryversion = Find-Module -Name AZ.SecurityInsights | Sort-Object Version -Descending | Select-Object Version -First 1
#convert to string for comparison
$stringver = $version | Select-Object @{n='ModuleVersion'; e={$_.Version -as [string]}}
$a = $stringver | Select-Object Moduleversion -ExpandProperty Moduleversion
#convert to string for comparison
$onlinever = $psgalleryversion | Select-Object @{n='OnlineVersion'; e={$_.Version -as [string]}}
$b = $onlinever | Select-Object OnlineVersion -ExpandProperty OnlineVersion
#version compare
if ([version]"$a" -ge [version]"$b") {
Write-Host -foregroundcolor $processmessagecolor "Local module $a greater or equal to Gallery module $b"
write-host -foregroundcolor $processmessagecolor "No update required"
}
else {
Write-Host -foregroundcolor $warningmessagecolor "Local module $a lower version than Gallery module $b"
write-host -foregroundcolor $warningmessagecolor "Update recommended"
if (-not $noprompt) {
do {
$response = read-host -Prompt "`nDo you wish to update the Azure Insights PowerShell module (Y/N)?"
} until (-not [string]::isnullorempty($response))
if ($result -eq 'Y' -or $result -eq 'y') {
write-host -foregroundcolor $processmessagecolor "Updating Azure Insights PowerShell module - Administration escalation required"
Start-Process powershell -Verb runAs -ArgumentList "update-Module -Name AZ.SecurityInsights -Force -confirm:$false" -wait -WindowStyle Hidden
write-host -foregroundcolor $processmessagecolor "Azure Insights PowerShell module - updated"
}
else {
write-host -foregroundcolor $processmessagecolor "Azure Insights PowerShell module - not updated"
}
}
else {
write-host -foregroundcolor $processmessagecolor "Updating Azure Insights PowerShell module - Administration escalation required"
Start-Process powershell -Verb runAs -ArgumentList "update-Module -Name AZ.SecurityInsights -Force -confirm:$false" -wait -WindowStyle Hidden
write-host -foregroundcolor $processmessagecolor "Azure Insights PowerShell module - updated"
}
}
}
write-host -foregroundcolor $processmessagecolor "Azure Insights PowerShell module loading"
Try {
Import-Module -name AZ.SecurityInsights | Out-Null
}
catch {
Write-Host -ForegroundColor $errormessagecolor "[002] - Unable to load Azure Insights PowerShell module`n"
Write-Host -ForegroundColor $errormessagecolor $_.Exception.Message
if ($debug) {
Stop-Transcript | Out-Null ## Terminate transcription
}
exit 2
}
write-host -foregroundcolor $processmessagecolor "Azure Insights PowerShell module loaded"
## Connect to Azure AD service
write-host -foregroundcolor $processmessagecolor "Connecting to Azure"
try {
clear-azcontext -force | Out-Null
$result = Connect-AzAccount -MaxContextPopulation 1
}
catch {
Write-Host -ForegroundColor $errormessagecolor "[003] - Unable to connect to Azure`n"
Write-Host -ForegroundColor $errormessagecolor $_.Exception.Message
if ($debug) {
Stop-Transcript | Out-Null ## Terminate transcription
}
exit 3
}
if (-not $noprompt) {
## Select desired Azure subscription from list of subscriptions
Get-AzSubscription -warningaction "SilentlyContinue" | Out-GridView -PassThru -title "Select the Azure subscription to use" | Select-AzSubscription | Out-Null
}
write-host -foregroundcolor $processmessagecolor "Connected to Azure`n"
write-host -foregroundcolor $systemmessagecolor "Azure Insights Connection script finished`n"
if ($debug) {
Stop-Transcript | Out-Null
}