v6_major_20221228_1

Changes (2022-Dec-28 / Major)

• Instead of trying to get full properties of all resource types only approach available Private Endpoint resource types
• Use AzAPICall PowerShell module version 1.1.63
  • Optimize error output for unknown convertFrom-JSON errors
• Updated API reference
• 🚀 By the way - checkout the updated 'well performing' AzAliasAdvertizer

v6_major_20221222_1

Changes (2022-Dec-22 / Major)

• Fix issue for Private Endpoints feature
• Add reference for Microsoft Defender for Cloud security alerts on AzGovViz activity - Security
• Fix for migrated Subscriptions. In rare cases a subscription that was migrated to another tenant may still be returned from the Entities ARM API, but not from the Subscriptions ARM API - if that is the case then these subscriptions will be added to the out-of-scope subscriptions collection
• Use AzAPICall PowerShell module version 1.1.62
  • Fix issue 155 AzureChinaCloud
• Minor optimizations
  • Using parameter -ManagementGroupsOnly
  • Using parameter -HierarchyMapOnly
  • Overall script optimizations

v6_major_20221212_1

Changes (2022-Dec-12 / Major)

• Pausing 'PSRule for Azure' integration. AzGovViz leveraged the Invoke-PSRule cmdlet, but there are certain resource types where also child resources need to be queried to achieve full rule evaluation.
• Enhance Private Endpoints feature / cross tenant PE
• Fix for migrated Subscriptions. In rare cases a subscription that was migrated to another tenant may still be returned from the ARM API, if that is the case then these subscriptions will be added to the out-of-scope subscriptions collection
• Update Azure Devops Pipeline YAML
  • Enhance error handling if Management Group Id containing spaces is provided - thanks @cbezenco
• Use AzAPICall PowerShell module version 1.1.59

v6_major_20221204_1

Changes (2022-Dec-04 / Major)

• PSRule for Azure fix | Get resources using ARM API inside Foreach-Object -parallel loop
• Private Endpoints
  • fix resource identification
  • add cross tenant detection
• Storage Account Access Analysis - add insights on 'Allowed Copy Scope' and 'Allow Cross Tenant Replication'
• Updated API reference
• Cosmetics
• Bugfixes

v6_major_20221121_1

Changes (2022-Nov-21 / Major)

• Network analysis - new features
  • Subnets
    • new parameter -NetworkSubnetIPAddressUsageCriticalPercentage warning level when certain percentage of IP addresses is used (default = 90%). Kudos to @ElanShudnow AzSubnetAvailability - GitHub
  • Private Endpoints
• Enhance Network feature - Virtual Networks and Virtual Network Peerings
• Use AzAPICall PowerShell module version 1.1.54
  • another retry mechanism fix
• Bugfix PIM eligible / Guest User - thanks @nanigan
• Updated API reference

v6_major_20221113_1

Changes (2022-Nov-13 / Major)

• Network analysis - VNet peerings detect cross tenant peering -> triggered by @TimWanierke, thanks!
• Updated Storage Account Analysis to handle error 'AuthorizationPermissionMismatch'
• Updated orphaned resources query for punlic IP addressen following the source repository Azure Orphan Resources - GitHub
• Use AzAPICall PowerShell module version 1.1.50
• Update Contribution Guide

v6_major_20221031_1

Changes (2022-Oct-31 / Major)

• New feature - Network analysis (TenantSummary and CSV export)
  • Virtual Networks
  • Virtual Network Peerings
• New parameter -NoResourceProvidersAtAll - processing Resource Providers in large tenants can consume a lot of memory / increase processing time significantly
• Fix issue #139
• Update *_DailySummary.csv with orphaned resources costs (disks, public IP addresses) - thanks @kaiaschulz
• Slight adjustment on *_RoleAssignments.csv output - rename column tenOrMgOrSubOrRGOrRes to scopeTenOrMgOrSubOrRGOrRes
• Publish .vscode
• Use AzAPICall PowerShell module version 1.1.45
• Minor optimizations
• Add reference to Media: Microsoft Tech Talks - Bevan Sinclair (Cloud Solution Architect Microsoft) Automated Governance Reporting in Azure (MTT0AEDT) (register to view)

v6_major_20221005_1

Changes (2022-Oct-05 / Major)

• Use AzAPICall PowerShell module version 1.1.33

Changes (2022-Oct-04 / Major)

• New feature to report on Microsoft Defender for Cloud Email notifications configuration for Subscriptions. Data is provided in the HTML TenantSummary (Subscriptions, Resources & Defender) and ScopeInsights
  • Updated API reference
• Further enrich Subscription insights TenantSummary (Subscriptions, Resources & Defender) - Owner & User Access Administrator Role assignment count (at scope) direct and indirect, plus PIM eligibility count
• Use AzAPICall PowerShell module version 1.1.31

v6_major_20220930_1

Changes (2022-Sep-30 / Major)

• Fix issue #135
  • Embedded GitHub Actions OIDC (Open ID Connect) specific functionality to reconnect and get new token (AzAPICall)
  • New parameter -GitHubActionsOIDC which is only to be used for GitHub Actions /.github/workflows/AzGovViz_OIDC.yml
  • Updated /.github/workflows/AzGovViz_OIDC.yml to use the new parameter -GitHubActionsOIDC
• Fix issue #136
  • Handle return for Storage Accounts located in managed Resource Groups
    🌸 Call for contribution: Please review the list of known managed Resource Groups and contribute if you can, thanks!
• Added missing variable NoStorageAccountAccessAnalysis in .azuredevops/pipelines/AzGovViz.variables.yml
• Use AzAPICall PowerShell module version 1.1.29

v6_major_20220927_1

Changes (2022-Sep-27 / Major)

• New feature 'Storage Account Access Analysis' - provides insights on Storage Accounts focusing on anonymous access (containers/blobs and static website feature). Data is provided in the HTML TenantSummary (Subscriptions, Resources & Defender) and as CSV export
  • New parameter -NoStorageAccountAccessAnalysis - do not execute the feature
  • New parameter -StorageAccountAccessAnalysisSubscriptionTags - define the Subscription tags that should be added to the CSV output
  • New parameter -StorageAccountAccessAnalysisStorageAccountTags - define the Storage Account (resource) tags that should be added to the CSV output
  • Updated .azuredevops/pipelines/AzGovViz.variables.yml accordingly
• Rename 'ALZ EverGreen' feature to 'Azure Landing Zones (ALZ) Policy Version Checker'
  • Replaced parameter -NoALZEverGreen -NoALZPolicyVersionChecker
• Use AzAPICall PowerShell module version 1.1.24