<#
.SYNOPSIS
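Audits the Azure virtual networks of every subscription returned by Get-AzSubscription and exports the result to a CSV file
.DESCRIPTION
REQUIRED : Internet access and an existing connection to an Azure tenant (for example through Connect-AzAccount)
REQUIRED : The PowerShell modules listed in the $PowerShellModules variable
Only subscriptions visible to the signed-in identity are audited, so a short or empty CSV can reflect missing read access rather than missing networks.
.PARAMETER LogFile
Optional
Log file path. When omitted, a dated log file is created in a "logs" folder next to the script.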
.NOTES
AUTHOR: James Dumont le Douarec
.LINK
https://github.com/JamesDLD/AzureRm-PowerShell
.EXAMPLE
.\Audit-AzVirtualNetwork.ps1
#>
param(
    # Optional path of the log file. When empty, the script builds a dated
    # file name under a "logs" folder next to the script.
    [Parameter(Mandatory = $false, HelpMessage = 'Log file path')]
    [String] $LogFile
)
################################################################################
# Function
################################################################################
#region function
Function VnetSummary_array{
    <#
    .SYNOPSIS
    Builds one row of the virtual network summary.
    .DESCRIPTION
    Returns an object carrying the seven values it was given as note
    properties, in the order of the parameter list. Every value is bound
    as a string because every parameter is declared [String].
    .OUTPUTS
    A custom object with the properties AzureSubscriptionName, VnetName,
    VnetResourceGroupName, AddressPrefixes, SubnetsCount, PeeringsCount
    and PeeringsLimit.
    #>
    [CmdletBinding()]
    Param (
        [Parameter(Mandatory=$true,ValueFromPipeline=$true)][String] $AzureSubscriptionName,
        [Parameter(Mandatory=$true,ValueFromPipeline=$true)][String] $VnetName,
        [Parameter(Mandatory=$true,ValueFromPipeline=$true)][String] $VnetResourceGroupName,
        [Parameter(Mandatory=$true,ValueFromPipeline=$true)][String] $AddressPrefixes,
        [Parameter(Mandatory=$true,ValueFromPipeline=$true)][String] $SubnetsCount,
        [Parameter(Mandatory=$true,ValueFromPipeline=$true)][String] $PeeringsCount,
        [Parameter(Mandatory=$true,ValueFromPipeline=$true)][String] $PeeringsLimit
    )
    Process {
        # An ordered hashtable keeps the column order stable for Export-Csv.
        $row = [ordered]@{
            AzureSubscriptionName = $AzureSubscriptionName
            VnetName              = $VnetName
            VnetResourceGroupName = $VnetResourceGroupName
            AddressPrefixes       = $AddressPrefixes
            SubnetsCount          = $SubnetsCount
            PeeringsCount         = $PeeringsCount
            PeeringsLimit         = $PeeringsLimit
        }
        return [PSCustomObject]$row
    }
}
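Function Generate_Log_Action([string]$Action, [ScriptBlock]$Command, [string]$LogFile){
    <#
    .SYNOPSIS
    Runs a script block, logging the action before it runs and the error if it fails.
    .PARAMETER Action
    Text describing the step; written to the host and to the log file.
    .PARAMETER Command
    Script block to run. Only terminating errors reach the catch block, so
    callers that want a failure reported pass -ErrorAction Stop inside it.
    .PARAMETER LogFile
    File the "Info" and "Error" lines are appended to.
    .OUTPUTS
    Whatever the script block returns, or the string "Error" when it threw.
    #>
    $Output = "Info : $Action ... "
    Write-Host $Output -ForegroundColor Cyan
    ((Get-Date -UFormat "[%d-%m-%Y %H:%M:%S] : ") + "Info" + " : " + $Action) | Out-File -FilePath $LogFile -Append -Force
    Try{
        $Result = Invoke-Command -ScriptBlock $Command
    }
    Catch {
        $ErrorMessage = $_.Exception.Message
        $Output = "On action $Action : $ErrorMessage"
        ((Get-Date -UFormat "[%d-%m-%Y %H:%M:%S] : ") + "Error" + " : " + $Output) | Out-File -FilePath $LogFile -Append -Force
        # The script sets $ErrorActionPreference = "Stop", which turns a plain
        # Write-Error into a terminating error: the function would throw here and
        # never hand back the "Error" sentinel its callers test for.
        # -ErrorAction Continue still reports the error but lets the return happen.
        Write-Error $Output -ErrorAction Continue
        $Result = "Error"
    }
    Return $Result
}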
#endregion
################################################################################
# Variable
################################################################################
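# Script-wide settings: strict mode catches uninitialised variables and missing
# properties, and "Stop" turns non-terminating errors into terminating ones.
Set-StrictMode -Version 2
$ErrorActionPreference = "Stop"
$VnetSummary_array = @()
$workfolder = Split-Path $script:MyInvocation.MyCommand.Path
$date = Get-Date -UFormat "%d-%m-%Y"
# Module name and minimum version pairs checked before any Az cmdlet is used.
$PowerShellModules = @(
    ("Az.Accounts","1.3.0"),
    ("Az.Network","1.1.0")
)
#If not provided, creating the log file
if([string]::IsNullOrEmpty($LogFile))
{
    $LogPath = $workfolder + "\logs"
    # Out-Null keeps the created directory object out of the script's output stream.
    if(!(Test-Path $LogPath)){mkdir $LogPath | Out-Null}
    $logFile = $LogPath + "\$date-" + $MyInvocation.MyCommand.Name + ".log"
}
ForEach ($PowerShellModule in $PowerShellModules)
{
    $Action = "Importing the Module $($PowerShellModule[0]) with MinimumVersion $($PowerShellModule[1])"
    $Command = {Import-Module $PowerShellModule[0] -MinimumVersion $($PowerShellModule[1]) -ErrorAction Stop}
    $Result = Generate_Log_Action -Action $Action -Command $Command -LogFile $logFile
    if($Result -eq "Error"){Exit 1}
}
# The subscription list is read only after the module versions are verified and
# the log file exists, so a failure here is logged like every other step.
# It contains only the subscriptions the signed-in identity can see; anything
# else is silently absent from the audit.
$Action = "Getting the subscriptions available to the current Azure connection"
$Command = {Get-AzSubscription -ErrorAction Stop}
$AzureRmSubscriptions = Generate_Log_Action -Action $Action -Command $Command -LogFile $logFile
if($AzureRmSubscriptions -eq "Error"){Exit 1}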
#endregion
################################################################################
# Action
################################################################################
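# For every subscription: switch the Az context to it, list its virtual networks
# and add one summary row per network. Each step runs through Generate_Log_Action
# and the script exits with code 1 as soon as a step reports "Error", so a
# partial result is never exported as if it were a complete audit.
foreach ($AzureRmSubscription in $AzureRmSubscriptions)
{
    # NOTE(review): the subscription is looked up by display name; confirm names are
    # unique in this tenant, otherwise resolving by subscription Id is more precise.
    $Action = "Getting the AzureRm context for the SubscriptionName : $($AzureRmSubscription.Name)"
    $Command = {Get-AzSubscription -SubscriptionName $AzureRmSubscription.Name | Set-AzContext -ErrorAction Stop}
    $AzureRmContext = Generate_Log_Action -Action $Action -Command $Command -LogFile $logFile
    if($AzureRmContext -eq "Error"){Exit 1}

    $Action = "Selecting the AzureRm SubscriptionName : $($AzureRmSubscription.Name)"
    $Command = {Select-AzSubscription -Name $AzureRmSubscription.Name -Context $AzureRmContext -Force -ErrorAction Stop}
    $Result = Generate_Log_Action -Action $Action -Command $Command -LogFile $logFile
    if($Result -eq "Error"){Exit 1}

    $Action = "Getting the vnet from the SubscriptionName : $($AzureRmSubscription.Name)"
    $Command = {Get-AzVirtualNetwork -ErrorAction Stop}
    $Vnets = Generate_Log_Action -Action $Action -Command $Command -LogFile $logFile
    # Test the value this step returned; $Result still holds the previous step's outcome.
    if($Vnets -eq "Error"){Exit 1}

    foreach ($Vnet in $Vnets)
    {
        $Action = "Getting the vnet peering limit on the region : $($Vnet.Location) on the SubscriptionName : $($AzureRmSubscription.Name)"
        $Command = {Get-AzNetworkUsage -Location $Vnet.Location}
        $NetworkUsage = Generate_Log_Action -Action $Action -Command $Command -LogFile $logFile
        # Same fix as above: check the usage lookup itself, not the stale $Result.
        if($NetworkUsage -eq "Error"){Exit 1}

        # NOTE(review): under Set-StrictMode this line throws when no usage row matches
        # the resource type text; confirm the text is stable across regions.
        $PeeringsLimit = $($NetworkUsage | Where-Object {$_.ResourceType -like "Peerings per Virtual Network"}).Limit

        $VnetSummary_array += VnetSummary_array -AzureSubscriptionName $AzureRmSubscription.Name `
            -VnetName $Vnet.Name `
            -VnetResourceGroupName $Vnet.ResourceGroupName `
            -AddressPrefixes $Vnet.AddressSpace.AddressPrefixes `
            -SubnetsCount $Vnet.Subnets.Count `
            -PeeringsCount $Vnet.VirtualNetworkPeerings.Count `
            -PeeringsLimit $PeeringsLimit
    }
}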
################################################################################
# Output
################################################################################
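# Export the collected rows to <script folder>\logs\<date>-VnetSummary.csv.
# The CSV lists subscription names, virtual network names and address prefixes,
# so it should be stored with the same care as other network documentation.
$OutputFolder = $workfolder + "\logs"
$OutputFile = $OutputFolder + "\$date-VnetSummary.csv"
$Action = "Exporting the Vnet summary audit result in to the file : $OutputFile"
$Command = {
    # The "logs" folder is only created earlier when -LogFile was not supplied;
    # create it here as well so the export does not fail on a missing directory.
    if(!(Test-Path $OutputFolder)){New-Item -ItemType Directory -Path $OutputFolder -ErrorAction Stop | Out-Null}
    $VnetSummary_array | Export-Csv $OutputFile -NoTypeInformation -ErrorAction Stop
}
$Result = Generate_Log_Action -Action $Action -Command $Command -LogFile $logFile
if($Result -eq "Error"){Exit 1}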