From 2883380ea626f759933b5daa0c423d4a1803631d Mon Sep 17 00:00:00 2001 From: Julian Hayward Date: Sun, 17 Dec 2023 21:02:00 +0100 Subject: [PATCH] 6.3.6 --- README.md | 11 +++++++++-- history.md | 7 +++++++ pwsh/AzGovVizParallel.ps1 | 18 +++++++++++------- pwsh/dev/devAzGovVizParallel.ps1 | 2 +- pwsh/dev/functions/getConsumption.ps1 | 8 ++++---- pwsh/dev/functions/processTenantSummary.ps1 | 8 ++++++-- version.json | 2 +- 7 files changed, 39 insertions(+), 17 deletions(-) diff --git a/README.md b/README.md index 0d7a1be0..dc161afc 100644 --- a/README.md +++ b/README.md @@ -78,10 +78,17 @@ The [Azure Governance Visualizer Accelerator](https://github.com/Azure/Azure-Gov ## Release history +__Changes__ (2023-Dec-16 / 6.3.6 Minor) + +* fix: processing of Service Principal names that contain special characters +* fix: RBAC reporting correct RBAC Role assignment related Policy assignment Policy definition displayName +* update ARM API-version for CostManagement. Using `2023-03-01` instead of `2019-11-01` + __Changes__ (2023-Dec-15 / 6.3.5 Minor) * Checking if the response of the storage account properties request is a byte array (type 'byte[]') and decode it to a string * Different handling of BOM (Byte order mark) for XML returns on storage account properties request (since Powershell version 7.4.0) +* use [AzAPICall](https://aka.ms/AzAPICall) PowerShell module version 1.1.85 [Full release history](history.md) @@ -571,7 +578,7 @@ Azure Governance Visualizer polls the following APIs | ARM | 2020-10-01 | /providers/Microsoft.Management/managementGroups/`managementGroupId`/providers/Microsoft.Authorization/roleAssignmentScheduleInstances | | ARM | 2018-07-01 | /providers/Microsoft.Management/managementGroups/`managementGroupId`/providers/Microsoft.Authorization/roleDefinitions | | ARM | 2018-11-01-preview | /providers/Microsoft.Management/managementGroups/`managementGroupId`/providers/Microsoft.Blueprint/blueprints | -| ARM | 2019-11-01 | /providers/Microsoft.Management/managementGroups/`managementGroupId`/providers/Microsoft.CostManagement/query | +| ARM | 2023-03-01 | /providers/Microsoft.Management/managementGroups/`managementGroupId`/providers/Microsoft.CostManagement/query | | ARM | 2020-01-01-preview | /providers/Microsoft.Management/managementGroups/`managementGroupId`/providers/microsoft.insights/diagnosticSettings | | ARM | 2019-10-01 | /providers/Microsoft.Management/managementGroups/`managementGroupId`/providers/Microsoft.PolicyInsights/policyStates/latest/summarize | | ARM | 2020-05-01 | /providers/Microsoft.Management/managementGroups/`managementGroupId` | @@ -592,7 +599,7 @@ Azure Governance Visualizer polls the following APIs | ARM | 2022-05-01-preview | /subscriptions/`subscriptionId`/providers/Microsoft.Authorization/roleDefinitions | | ARM | 2022-05-01-preview | /subscriptions/`subscriptionId`/providers/Microsoft.Blueprint/blueprintAssignments | | ARM | 2018-11-01-preview | /subscriptions/`subscriptionId`/providers/Microsoft.Blueprint/blueprints | -| ARM | 2019-11-01 | /subscriptions/`subscriptionId`/providers/Microsoft.CostManagement/query | +| ARM | 2023-03-01 | /subscriptions/`subscriptionId`/providers/Microsoft.CostManagement/query | | ARM | 2021-05-01-preview | /subscriptions/`subscriptionId`/providers/Microsoft.Insights/diagnosticSettings | | ARM | 2019-10-01 | /subscriptions/`subscriptionId`/providers/Microsoft.PolicyInsights/policyStates/latest/summarize | | ARM | 2022-07-01 | /subscriptions/`subscriptionId`/providers/Microsoft.Network/locations/`location`/availablePrivateEndpointTypes | diff --git a/history.md b/history.md index d5a7d7e5..4e669bf8 100644 --- a/history.md +++ b/history.md @@ -4,10 +4,17 @@ ### Azure Governance Visualizer version 6 +__Changes__ (2023-Dec-16 / 6.3.6 Minor) + +* fix: processing of Service Principal names that contain special characters +* fix: RBAC reporting correct RBAC Role assignment related Policy assignment Policy definition displayName +* update ARM API-version for CostManagement. Using `2023-03-01` instead of `2019-11-01` + __Changes__ (2023-Dec-15 / 6.3.5 Minor) * Checking if the response of the storage account properties request is a byte array (type 'byte[]') and decode it to a string * Different handling of BOM (Byte order mark) for XML returns on storage account properties request (since Powershell version 7.4.0) +* use [AzAPICall](https://aka.ms/AzAPICall) PowerShell module version 1.1.85 __Changes__ (2023-Nov-13 / 6.3.4 Minor) diff --git a/pwsh/AzGovVizParallel.ps1 b/pwsh/AzGovVizParallel.ps1 index 6b01c6bc..3f7dcbaf 100644 --- a/pwsh/AzGovVizParallel.ps1 +++ b/pwsh/AzGovVizParallel.ps1 @@ -365,7 +365,7 @@ Param $Product = 'AzGovViz', [string] - $ProductVersion = '6.3.5', + $ProductVersion = '6.3.6', [string] $GithubRepository = 'aka.ms/AzGovViz', @@ -2593,7 +2593,7 @@ function getConsumption { $currenttask = "Getting Consumption data (scope MG '$($ManagementGroupId)') for $($subsToProcessInCustomDataCollectionCount) Subscriptions (QuotaId Whitelist: '$($SubscriptionQuotaIdWhitelist -join ', ')') for period $AzureConsumptionPeriod days ($azureConsumptionStartDate - $azureConsumptionEndDate)" Write-Host "$currentTask" #https://docs.microsoft.com/en-us/rest/api/cost-management/query/usage - $uri = "$($azAPICallConf['azAPIEndpointUrls'].ARM)/providers/Microsoft.Management/managementGroups/$($ManagementGroupId)/providers/Microsoft.CostManagement/query?api-version=2019-11-01&`$top=5000" + $uri = "$($azAPICallConf['azAPIEndpointUrls'].ARM)/providers/Microsoft.Management/managementGroups/$($ManagementGroupId)/providers/Microsoft.CostManagement/query?api-version=2023-03-01&`$top=5000" $method = 'POST' $counterBatch = [PSCustomObject] @{ Value = 0 } @@ -2744,7 +2744,7 @@ function getConsumption { #test Write-Host $currentTask #https://docs.microsoft.com/en-us/rest/api/cost-management/query/usage - $uri = "$($azAPICallConf['azAPIEndpointUrls'].ARM)/subscriptions/$($subIdToProcess)/providers/Microsoft.CostManagement/query?api-version=2019-11-01&`$top=5000" + $uri = "$($azAPICallConf['azAPIEndpointUrls'].ARM)/subscriptions/$($subIdToProcess)/providers/Microsoft.CostManagement/query?api-version=2023-03-01&`$top=5000" $method = 'POST' $subConsumptionData = AzAPICall -AzAPICallConfiguration $azAPICallConf -uri $uri -method $method -body $body -currentTask $currentTask -listenOn 'ContentProperties' if ($subConsumptionData -eq 'Unauthorized' -or $subConsumptionData -eq 'OfferNotSupported' -or $subConsumptionData -eq 'InvalidQueryDefinition' -or $subConsumptionData -eq 'NonValidWebDirectAIRSOfferType' -or $subConsumptionData -eq 'NotFoundNotSupported' -or $subConsumptionData -eq 'IndirectCostDisabled') { @@ -2805,7 +2805,7 @@ function getConsumption { $currenttask = "Getting Consumption data (scope MG '$($ManagementGroupId)') for period $AzureConsumptionPeriod days ($azureConsumptionStartDate - $azureConsumptionEndDate)" Write-Host "$currentTask" #https://docs.microsoft.com/en-us/rest/api/cost-management/query/usage - $uri = "$($azAPICallConf['azAPIEndpointUrls'].ARM)/providers/Microsoft.Management/managementGroups/$($ManagementGroupId)/providers/Microsoft.CostManagement/query?api-version=2019-11-01&`$top=5000" + $uri = "$($azAPICallConf['azAPIEndpointUrls'].ARM)/providers/Microsoft.Management/managementGroups/$($ManagementGroupId)/providers/Microsoft.CostManagement/query?api-version=2023-03-01&`$top=5000" $method = 'POST' $body = @" { @@ -2936,7 +2936,7 @@ function getConsumption { #test Write-Host $currentTask #https://docs.microsoft.com/en-us/rest/api/cost-management/query/usage - $uri = "$($azAPICallConf['azAPIEndpointUrls'].ARM)/subscriptions/$($subIdToProcess)/providers/Microsoft.CostManagement/query?api-version=2019-11-01&`$top=5000" + $uri = "$($azAPICallConf['azAPIEndpointUrls'].ARM)/subscriptions/$($subIdToProcess)/providers/Microsoft.CostManagement/query?api-version=2023-03-01&`$top=5000" $method = 'POST' $subConsumptionData = AzAPICall -AzAPICallConfiguration $azAPICallConf -uri $uri -method $method -body $body -currentTask $currentTask -listenOn 'ContentProperties' if ($subConsumptionData -eq 'Unauthorized' -or $subConsumptionData -eq 'OfferNotSupported' -or $subConsumptionData -eq 'InvalidQueryDefinition' -or $subConsumptionData -eq 'NonValidWebDirectAIRSOfferType' -or $subConsumptionData -eq 'NotFoundNotSupported' -or $subConsumptionData -eq 'IndirectCostDisabled') { @@ -12809,10 +12809,12 @@ function processTenantSummary() { #policy if ($policyDefinitionId -like '/providers/Microsoft.Authorization/policyDefinitions/*') { $LinkOrNotLinkToAzAdvertizer = ($htCacheDefinitionsPolicy).($policyDefinitionId).LinkToAzAdvertizer + $policyDisplayName = ($htCacheDefinitionsPolicy).($policyDefinitionId).DisplayName } #policySet if ($policyDefinitionId -like '/providers/Microsoft.Authorization/policySetDefinitions/*') { $LinkOrNotLinkToAzAdvertizer = ($htCacheDefinitionsPolicySet).($policyDefinitionId).LinkToAzAdvertizer + $policyDisplayName = ($htCacheDefinitionsPolicySet).($policyDefinitionId).DisplayName } } else { @@ -12824,7 +12826,6 @@ function processTenantSummary() { #policySet if ($policyDefinitionId -like '*/providers/Microsoft.Authorization/policySetDefinitions/*') { $policyDisplayName = ($htCacheDefinitionsPolicySet).($policyDefinitionId).DisplayName - } $LinkOrNotLinkToAzAdvertizer = "$($policyDisplayName -replace '<', '<' -replace '>', '>')" @@ -25274,7 +25275,10 @@ tf.init();}} } } else { - $s1 = $altName -replace '.*/providers/'; $rm = $s1 -replace '.*/'; $resourceType = $s1 -replace "/$($rm)" + #https://learn.microsoft.com/en-us/dotnet/api/system.text.regularexpressions.regex.escape + $s1 = $altName -replace '.*/providers/' + $rm = $s1 -replace '.*/' + $resourceType = $s1 -replace "/$([System.Text.RegularExpressions.Regex]::Escape($rm))" $miAlternativeName = $altname $miResourceType = $resourceType } diff --git a/pwsh/dev/devAzGovVizParallel.ps1 b/pwsh/dev/devAzGovVizParallel.ps1 index cfbc48c4..2eaf9044 100644 --- a/pwsh/dev/devAzGovVizParallel.ps1 +++ b/pwsh/dev/devAzGovVizParallel.ps1 @@ -365,7 +365,7 @@ Param $Product = 'AzGovViz', [string] - $ProductVersion = '6.3.5', + $ProductVersion = '6.3.6', [string] $GithubRepository = 'aka.ms/AzGovViz', diff --git a/pwsh/dev/functions/getConsumption.ps1 b/pwsh/dev/functions/getConsumption.ps1 index 6a76160e..95830d8e 100644 --- a/pwsh/dev/functions/getConsumption.ps1 +++ b/pwsh/dev/functions/getConsumption.ps1 @@ -34,7 +34,7 @@ function getConsumption { $currenttask = "Getting Consumption data (scope MG '$($ManagementGroupId)') for $($subsToProcessInCustomDataCollectionCount) Subscriptions (QuotaId Whitelist: '$($SubscriptionQuotaIdWhitelist -join ', ')') for period $AzureConsumptionPeriod days ($azureConsumptionStartDate - $azureConsumptionEndDate)" Write-Host "$currentTask" #https://docs.microsoft.com/en-us/rest/api/cost-management/query/usage - $uri = "$($azAPICallConf['azAPIEndpointUrls'].ARM)/providers/Microsoft.Management/managementGroups/$($ManagementGroupId)/providers/Microsoft.CostManagement/query?api-version=2019-11-01&`$top=5000" + $uri = "$($azAPICallConf['azAPIEndpointUrls'].ARM)/providers/Microsoft.Management/managementGroups/$($ManagementGroupId)/providers/Microsoft.CostManagement/query?api-version=2023-03-01&`$top=5000" $method = 'POST' $counterBatch = [PSCustomObject] @{ Value = 0 } @@ -185,7 +185,7 @@ function getConsumption { #test Write-Host $currentTask #https://docs.microsoft.com/en-us/rest/api/cost-management/query/usage - $uri = "$($azAPICallConf['azAPIEndpointUrls'].ARM)/subscriptions/$($subIdToProcess)/providers/Microsoft.CostManagement/query?api-version=2019-11-01&`$top=5000" + $uri = "$($azAPICallConf['azAPIEndpointUrls'].ARM)/subscriptions/$($subIdToProcess)/providers/Microsoft.CostManagement/query?api-version=2023-03-01&`$top=5000" $method = 'POST' $subConsumptionData = AzAPICall -AzAPICallConfiguration $azAPICallConf -uri $uri -method $method -body $body -currentTask $currentTask -listenOn 'ContentProperties' if ($subConsumptionData -eq 'Unauthorized' -or $subConsumptionData -eq 'OfferNotSupported' -or $subConsumptionData -eq 'InvalidQueryDefinition' -or $subConsumptionData -eq 'NonValidWebDirectAIRSOfferType' -or $subConsumptionData -eq 'NotFoundNotSupported' -or $subConsumptionData -eq 'IndirectCostDisabled') { @@ -246,7 +246,7 @@ function getConsumption { $currenttask = "Getting Consumption data (scope MG '$($ManagementGroupId)') for period $AzureConsumptionPeriod days ($azureConsumptionStartDate - $azureConsumptionEndDate)" Write-Host "$currentTask" #https://docs.microsoft.com/en-us/rest/api/cost-management/query/usage - $uri = "$($azAPICallConf['azAPIEndpointUrls'].ARM)/providers/Microsoft.Management/managementGroups/$($ManagementGroupId)/providers/Microsoft.CostManagement/query?api-version=2019-11-01&`$top=5000" + $uri = "$($azAPICallConf['azAPIEndpointUrls'].ARM)/providers/Microsoft.Management/managementGroups/$($ManagementGroupId)/providers/Microsoft.CostManagement/query?api-version=2023-03-01&`$top=5000" $method = 'POST' $body = @" { @@ -377,7 +377,7 @@ function getConsumption { #test Write-Host $currentTask #https://docs.microsoft.com/en-us/rest/api/cost-management/query/usage - $uri = "$($azAPICallConf['azAPIEndpointUrls'].ARM)/subscriptions/$($subIdToProcess)/providers/Microsoft.CostManagement/query?api-version=2019-11-01&`$top=5000" + $uri = "$($azAPICallConf['azAPIEndpointUrls'].ARM)/subscriptions/$($subIdToProcess)/providers/Microsoft.CostManagement/query?api-version=2023-03-01&`$top=5000" $method = 'POST' $subConsumptionData = AzAPICall -AzAPICallConfiguration $azAPICallConf -uri $uri -method $method -body $body -currentTask $currentTask -listenOn 'ContentProperties' if ($subConsumptionData -eq 'Unauthorized' -or $subConsumptionData -eq 'OfferNotSupported' -or $subConsumptionData -eq 'InvalidQueryDefinition' -or $subConsumptionData -eq 'NonValidWebDirectAIRSOfferType' -or $subConsumptionData -eq 'NotFoundNotSupported' -or $subConsumptionData -eq 'IndirectCostDisabled') { diff --git a/pwsh/dev/functions/processTenantSummary.ps1 b/pwsh/dev/functions/processTenantSummary.ps1 index 85404b81..2f873437 100644 --- a/pwsh/dev/functions/processTenantSummary.ps1 +++ b/pwsh/dev/functions/processTenantSummary.ps1 @@ -52,10 +52,12 @@ function processTenantSummary() { #policy if ($policyDefinitionId -like '/providers/Microsoft.Authorization/policyDefinitions/*') { $LinkOrNotLinkToAzAdvertizer = ($htCacheDefinitionsPolicy).($policyDefinitionId).LinkToAzAdvertizer + $policyDisplayName = ($htCacheDefinitionsPolicy).($policyDefinitionId).DisplayName } #policySet if ($policyDefinitionId -like '/providers/Microsoft.Authorization/policySetDefinitions/*') { $LinkOrNotLinkToAzAdvertizer = ($htCacheDefinitionsPolicySet).($policyDefinitionId).LinkToAzAdvertizer + $policyDisplayName = ($htCacheDefinitionsPolicySet).($policyDefinitionId).DisplayName } } else { @@ -67,7 +69,6 @@ function processTenantSummary() { #policySet if ($policyDefinitionId -like '*/providers/Microsoft.Authorization/policySetDefinitions/*') { $policyDisplayName = ($htCacheDefinitionsPolicySet).($policyDefinitionId).DisplayName - } $LinkOrNotLinkToAzAdvertizer = "$($policyDisplayName -replace '<', '<' -replace '>', '>')" @@ -12517,7 +12518,10 @@ tf.init();}} } } else { - $s1 = $altName -replace '.*/providers/'; $rm = $s1 -replace '.*/'; $resourceType = $s1 -replace "/$($rm)" + #https://learn.microsoft.com/en-us/dotnet/api/system.text.regularexpressions.regex.escape + $s1 = $altName -replace '.*/providers/' + $rm = $s1 -replace '.*/' + $resourceType = $s1 -replace "/$([System.Text.RegularExpressions.Regex]::Escape($rm))" $miAlternativeName = $altname $miResourceType = $resourceType } diff --git a/version.json b/version.json index ca651092..43c2d443 100644 --- a/version.json +++ b/version.json @@ -1,3 +1,3 @@ { - "ProductVersion": "6.3.5" + "ProductVersion": "6.3.6" } \ No newline at end of file