forked from Mynster9361/Least_Privileged_MSGraph
-
Notifications
You must be signed in to change notification settings - Fork 0
Expand file tree
/
Copy pathjustForTesting.ps1
More file actions
47 lines (31 loc) · 1.59 KB
/
justForTesting.ps1
File metadata and controls
47 lines (31 loc) · 1.59 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
#Requires -Module EntraAuth
param(
[string]$tenantId,
[string]$clientId,
[SecureString]$clientSecret,
[string]$logAnalyticsWorkspaceId,
[int]$daysToQuery = 30
)
#region temp implementation to load in all functions in the clean folder
Import-Module .\output\module\LeastPrivilegedMSGraph\0.1.0\LeastPrivilegedMSGraph.psd1
#endregion temp implementation to load in all functions in the clean folder
#region Initialize log analytics service and connect to msgraph,LogAnalytics with app read all permission
Initialize-LogAnalyticsApi
Connect-EntraService -ClientID $clientId -TenantID $tenantId -ClientSecret $clientSecret -Service "LogAnalytics", "GraphBeta"
#endregion Initialize log analytics service and connect to msgraph,LogAnalytics with app read all permission
#region the good stuff
$lightweightGroups = Get-AppRoleAssignment | Select-Object -First 5
$lightweightGroups | Get-AppActivityData -WorkspaceId $logAnalyticsWorkspaceId -Days $daysToQuery
$lightweightGroups | Get-AppThrottlingData -WorkspaceId $logAnalyticsWorkspaceId -Days $daysToQuery
$lightweightGroups | Get-PermissionAnalysis
Export-PermissionAnalysisReport -AppData $lightweightGroups -OutputPath ".\report.html"
#endregion the good stuff
#region full pipeline
# PIPE EVERYTHING!!!!
Get-AppRoleAssignment |
Select-Object -First 7 |
Get-AppActivityData -WorkspaceId $logAnalyticsWorkspaceId -Days $daysToQuery |
Get-AppThrottlingData -WorkspaceId $logAnalyticsWorkspaceId -Days $daysToQuery |
Get-PermissionAnalysis |
Export-PermissionAnalysisReport -OutputPath ".\report5.html"
#endregion full pipeline