scan-spokes.ps1
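# Builds spokes.md, an inventory of the virtual networks around the hub firewall.
#
# Two Azure Resource Graph queries are run and rendered as text tables:
#   1. virtual networks that carry an 'azfw-mapping' tag
#   2. virtual networks that have a peering whose remote side is the hub VNET
# The second query does not filter on the tag, so a peered network without a
# mapping shows up there with an empty Mapping column.
#
# Query samples: https://docs.microsoft.com/en-us/azure/governance/resource-graph/samples/starter
#
# NOTE(review): both queries only see subscriptions the current Az context can
# read; confirm the signed-in identity covers every spoke subscription.

# Stop on the first failure so that a failed Set-Location or hub lookup cannot
# lead to a report written in the wrong directory or built from an empty query.
$ErrorActionPreference = 'Stop'

# Install the Resource Graph module only when it is missing, instead of hitting
# the gallery on every run.
# NOTE(review): this takes whatever version the configured repository serves;
# for pipeline use, pin it with -RequiredVersion <VERSION_PLACEHOLDER>.
if (-not (Get-Module -ListAvailable -Name Az.ResourceGraph)) {
    Install-Module -Name Az.ResourceGraph -Scope CurrentUser
}

# Render plain text so the tables redirected into spokes.md contain no ANSI
# escape sequences. $PSStyle does not exist before PowerShell 7.2.
# https://docs.microsoft.com/en-us/powershell/module/microsoft.powershell.core/about/about_ansi_terminals
if ($PSStyle) {
    $PSStyle.OutputRendering = "PlainText"
}

Set-Location .\deploy\firewall\rulecollectiongroups\5-spoke

$reportPath      = 'spokes.md'
$hubVnetName     = 'vnet-hub'
$hubVnetGroup    = 'rg-azure-firewall-demo'
# Search-AzGraph returns only the first 100 rows unless -First is given;
# 1000 is the largest page a single call accepts.
$maxRows         = 1000

# Appends one "## heading" section with a fenced, grouped table to $reportPath.
# Format-Table -GroupBy expects input sorted on the grouping property; without
# the sort the same group is printed several times.
function Add-ReportTable {
    param(
        [Parameter(Mandatory)] [string] $Heading,
        [Parameter(Mandatory)] [string] $GroupBy,
        [object[]] $Rows
    )

    '', "## $Heading", '', '```text' | Out-File -FilePath $reportPath -Append
    $Rows |
        Sort-Object -Property $GroupBy, Subscription, ResourceGroup, Name |
        Format-Table -GroupBy $GroupBy |
        Out-File -FilePath $reportPath -Append
    '```' | Out-File -FilePath $reportPath -Append
}

# Runs a Resource Graph query and warns when the row cap was reached, because a
# silently truncated inventory would hide spokes from the report.
function Get-GraphRows {
    param([Parameter(Mandatory)] [string] $Query)

    $rows = @(Search-AzGraph -Query $Query -First $maxRows)
    if ($rows.Count -ge $maxRows) {
        Write-Warning "Query returned $($rows.Count) rows; the result may be truncated at $maxRows."
    }
    $rows
}

# --- 1. VNETs tagged with azfw-mapping --------------------------------------
# Single-quoted here-string: nothing in this query is meant to be expanded.
# NOTE(review): the tag value is set by whoever may write tags on the spoke
# VNET. If Mapping is later used to pick firewall rules (the working directory
# suggests it might be - confirm), validate it against an allow-list first.
$queryTagVNETs = @'
Resources
| where type =~ 'Microsoft.Network/virtualNetworks'
| where isnotnull(tags['azfw-mapping'])
| extend mapping = tags['azfw-mapping']
| project subscriptionId, resourceGroup, name, mapping, location
| project-rename Subscription = subscriptionId, ResourceGroup = resourceGroup, Name = name, Mapping = mapping, Location = location
| order by Subscription, ResourceGroup, Name
'@
$queryTagVNETs

$spokes = Get-GraphRows -Query $queryTagVNETs
$spokes | Format-Table
$spokes | Sort-Object -Property Location, Subscription, ResourceGroup, Name | Format-Table -GroupBy "Location"

# Start a fresh report; everything after this line appends.
'# Spokes', '', "Generated $(Get-Date)" | Out-File -FilePath $reportPath

Add-ReportTable -Heading '`azfw-mapping` tagged spokes by Subscription' -GroupBy 'Subscription' -Rows $spokes
Add-ReportTable -Heading '`azfw-mapping` tagged spokes by Location' -GroupBy 'Location' -Rows $spokes

# --- 2. VNETs peered with the hub -------------------------------------------
$hubVnet = Get-AzVirtualNetwork -Name $hubVnetName -ResourceGroupName $hubVnetGroup
if (-not $hubVnet.Id) {
    # An empty id would turn the filter below into a comparison with "" and
    # produce an empty, misleading "all spokes" list.
    throw "Hub virtual network '$hubVnetName' was not found in resource group '$hubVnetGroup'."
}
$hubVnet.Id

# The hub id is interpolated into the query text; it comes from the Azure API
# response above, not from user input.
# '=~' compares case-insensitively: resource ids can differ in casing between
# the peering record and the VNET resource, and '==' would then miss a spoke.
$queryPeeredVNETs = @"
Resources
| where type =~ "microsoft.network/virtualNetworks"
| mv-expand peering=properties.virtualNetworkPeerings
| where peering.properties.remoteVirtualNetwork.id =~ "$($hubVnet.Id)"
| extend mapping = tags['azfw-mapping']
| project subscriptionId, resourceGroup, name, mapping, location
| project-rename Subscription = subscriptionId, ResourceGroup = resourceGroup, Name = name, Mapping = mapping, Location = location
| order by Subscription, ResourceGroup, Name
"@
$queryPeeredVNETs

$allSpokes = Get-GraphRows -Query $queryPeeredVNETs
$allSpokes | Format-Table
$allSpokes | Sort-Object -Property Location, Subscription, ResourceGroup, Name | Format-Table -GroupBy "Location"

Add-ReportTable -Heading 'All spokes by Subscription' -GroupBy 'Subscription' -Rows $allSpokes
Add-ReportTable -Heading 'All spokes by Location' -GroupBy 'Location' -Rows $allSpokes
'' | Out-File -FilePath $reportPath -Append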