AzureAssess is your go-to tool for taking the pulse of your Azure environment. Wondering how your Azure is doing? You’re not alone. With the continuous evolution of cloud services, it’s crucial to stay on top of your environment’s security and management.

While Azure offers tools like Defender for Cloud and Azure Policies, sometimes you need to take that initial step, prioritize, and commit to continuous improvement.

Clouds don’t wait for you to catch your breath. Change is constant, with new services and exploits emerging regularly.

In the quest to assess the state of Azure, I pondered a simple question: What matters to me today?

Diving headfirst into Defender for Cloud or Azure Policies might seem overwhelming at first. Audit alerts and the need for secure configurations with meticulous change control can add complexity.

Sure, there are tools like azqr and PSRules Azure for auditing your Azure environment, but I craved a more personalized touch.

So, where did I begin? With one of my favorite scripting languages — PowerShell!

Introducing the AzureAssess module! This script provides a sneak peek into your resources’ network status, Defender for Cloud coverage, and role assignments. It covers just a handful of key resources for now, but trust me, it’s a work in progress!

Don’t hesitate to join the conversation and contribute via a PR or open an issue—we’re all in this Azure assessment journey together! 🚀

How to do an assessment

# install the powershell module
PS> Install-Module -Name AzureAssess
# connect to Azure - leverages Connect-AzAccount
PS> Connect-AzureAssess
# Collect information about management groups
PS> Get-AzureAssessResources -ManagementGroupNames <management groups>
# *Or* collect information about a subscription
PS> Get-AzureAssessResources -SubscriptionId <subscription id>
# *Or* collect information about a resource group
PS> Get-AzureAssessResources -SubscriptionId <subscription id> -ResourceGroupName <resource group name>
# Get information about role assignments
PS> Resolve-AzureAssessPrivilegedIdentities

This will generate a bunch of CSVs about Azure :) Feel free to look into those.

They can then be injected in the Power BI template mentioned earlier (and screenshotted) so you can look through the data!