Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

⭐️ Azure: Assigned Policies #4562

Merged
merged 2 commits into from
Aug 16, 2024
Merged

⭐️ Azure: Assigned Policies #4562

merged 2 commits into from
Aug 16, 2024

Conversation

HRouhani
Copy link
Contributor

No description provided.

@HRouhani
⭐️ Azure: Assigned Policies
2949520 
Signed-off-by: Hossein Rouhani <[email protected]>
@github-actions GitHub Actions
Copy link
Contributor

github-actions bot commented Aug 16, 2024
edited
Loading

Test Results

3 097 tests  ±0   3 096 ✅ ±0   1m 18s ⏱️ -25s
  370 suites ±0       1 💤 ±0 
   28 files   ±0       0 ❌ ±0 

Results for commit 5367de5. ± Comparison against base commit ebde260.

♻️ This comment has been updated with latest results.

@chris-rock
Copy link
Member

Updated the PR to make it easier to check for specific policy assignments:

cnquery> azure.subscription.policy.assignments.one(id == "/providers/Microsoft.Authorization/policyDefinitions/bd876905-5b84-4f73-ab2d-2e7a7c4568d9")
[ok] value: true

We also cleaned up the way we list assigned policies:

cnquery> azure.subscription.policy.assignments
azure.subscription.policy.assignments: [
  0: azure.subscription.policy.assignment name="Machines should be configured to periodically check for missing system updates" enforcementMode="Default"
  1: azure.subscription.policy.assignment name="ASC DataProtection (subscription: d6456835-9047-4414-b811-4c26c7bc7530)" enforcementMode="Default"
  2: azure.subscription.policy.assignment name="ASC OpenSourceRelationalDatabasesProtection (subscription: d6456835-9047-4414-b811-4c26c7bc7530)" enforcementMode="Default"
  3: azure.subscription.policy.assignment name="Defender for Containers provisioning Policy extension for Arc-enabled Kubernetes" enforcementMode="Default"
  4: azure.subscription.policy.assignment name="Defender for Containers provisioning ARC k8s Enabled" enforcementMode="Default"
  5: azure.subscription.policy.assignment name="Defender for Containers provisioning Azure Policy Addon for Kubernetes" enforcementMode="Default"
  6: azure.subscription.policy.assignment name="Defender for Containers provisioning AKS Security Profile" enforcementMode="Default"
  7: azure.subscription.policy.assignment name="ASC Default (subscription: d6456835-9047-4414-b811-4c26c7bc7530)" enforcementMode="Default"
]

@chris-rock chris-rock force-pushed the hossein/azure-policy-aissigned branch from 9e1157f to 5367de5 Compare August 16, 2024 17:14
chris-rock
chris-rock approved these changes Aug 16, 2024
View reviewed changes
Copy link
Member

@chris-rock chris-rock left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thank you @HRouhani

@chris-rock chris-rock merged commit 2415ef7 into main Aug 16, 2024
15 checks passed
@chris-rock chris-rock deleted the hossein/azure-policy-aissigned branch August 16, 2024 17:17
@github-actions github-actions bot locked and limited conversation to collaborators Aug 16, 2024
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Reviewers

@chris-rock chris-rock chris-rock approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@HRouhani @chris-rock