Skip to content

Commit

Permalink
Create detailSubscriptions.ps1
Browse files Browse the repository at this point in the history
  • Loading branch information
@JulianHayward
JulianHayward authored Sep 6, 2024
1 parent b316341 commit 968e71e
Showing 1 changed file with 142 additions and 0 deletions.
142 changes: 142 additions & 0 deletions azgvzdebug/detailSubscriptions.ps1
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,142 @@
function detailSubscriptions {
$start = Get-Date
Write-Host 'Subscription picking'
#API in rare cases returns duplicates, therefor sorting unique (id)
$childrenSubscriptions = $arrayEntitiesFromAPI.where( { $_.properties.parentNameChain -contains $ManagementGroupID -and $_.type -eq '/subscriptions' } ) | Sort-Object -Property id -Unique
$script:childrenSubscriptionsCount = ($childrenSubscriptions).Count
$script:subsToProcessInCustomDataCollection = [System.Collections.ArrayList]@()

if ($htSubscriptionsFromOtherTenants.keys.count -gt 0) {
foreach ($subscriptionExludedOtherTenant in $htSubscriptionsFromOtherTenants.keys) {
$subscriptionExludedOtherTenantDetail = $htSubscriptionsFromOtherTenants.($subscriptionExludedOtherTenant).subDetails
$null = $script:outOfScopeSubscriptions.Add([PSCustomObject]@{
subscriptionId = $subscriptionExludedOtherTenantDetail.subscriptionId
subscriptionName = $subscriptionExludedOtherTenantDetail.displayName
outOfScopeReason = "Foreign tenant: Id: $($subscriptionExludedOtherTenantDetail.tenantId)"
ManagementGroupId = ''
ManagementGroupName = ''
Level = ''
})
}
}

if ($htsubscriptionsFromEntitiesThatAreNotInGetSubscriptions.keys.count -gt 0) {
foreach ($subscriptionExludedInEntitiesNotInSubscriptions in $htsubscriptionsFromEntitiesThatAreNotInGetSubscriptions.keys) {
$subscriptionExludedInEntitiesNotInSubscriptionsDetail = $htsubscriptionsFromEntitiesThatAreNotInGetSubscriptions.($subscriptionExludedInEntitiesNotInSubscriptions)
$null = $script:outOfScopeSubscriptions.Add([PSCustomObject]@{
subscriptionId = $subscriptionExludedInEntitiesNotInSubscriptions
subscriptionName = $subscriptionExludedInEntitiesNotInSubscriptionsDetail.properties.displayName
outOfScopeReason = 'Sub in GetEntities, not in GetSubscriptions'
ManagementGroupId = ''
ManagementGroupName = ''
Level = ''
})
}
}

foreach ($childrenSubscription in $childrenSubscriptions) {

Write-Host "DEBUG#253: Processing: $($childrenSubscription.properties.displayName) ($($childrenSubscription.name))"
if (-not $htSubscriptionsMgPath.($childrenSubscription.name)) {
Write-Host "no record for $($childrenSubscription.name) in `$htSubscriptionsMgPath"
}
if (-not $htAllSubscriptionsFromAPI.($childrenSubscription.name)) {
Write-Host "no record for $($childrenSubscription.name) in `$htAllSubscriptionsFromAPI"
}

$sub = $htAllSubscriptionsFromAPI.($childrenSubscription.name)
if ($sub.subDetails.subscriptionPolicies.quotaId.startswith('AAD_', 'CurrentCultureIgnoreCase') -or $sub.subDetails.state -ne 'Enabled') {
if (($sub.subDetails.subscriptionPolicies.quotaId).startswith('AAD_', 'CurrentCultureIgnoreCase')) {
$null = $script:outOfScopeSubscriptions.Add([PSCustomObject]@{
subscriptionId = $childrenSubscription.name
subscriptionName = $childrenSubscription.properties.displayName
outOfScopeReason = "QuotaId: AAD_ (State: $($sub.subDetails.state))"
ManagementGroupId = $htSubscriptionsMgPath.($childrenSubscription.name).Parent
ManagementGroupName = $htSubscriptionsMgPath.($childrenSubscription.name).ParentName
Level = $htSubscriptionsMgPath.($childrenSubscription.name).level
})
}
if ($sub.subDetails.state -ne 'Enabled') {
$null = $script:outOfScopeSubscriptions.Add([PSCustomObject]@{
subscriptionId = $childrenSubscription.name
subscriptionName = $childrenSubscription.properties.displayName
outOfScopeReason = "State: $($sub.subDetails.state)"
ManagementGroupId = $htSubscriptionsMgPath.($childrenSubscription.name).Parent
ManagementGroupName = $htSubscriptionsMgPath.($childrenSubscription.name).ParentName
Level = $htSubscriptionsMgPath.($childrenSubscription.name).level
})
}
}
else {
if ($SubscriptionQuotaIdWhitelist[0] -ne 'undefined') {
$whitelistMatched = 'unknown'
foreach ($subscriptionQuotaIdWhitelistQuotaId in $SubscriptionQuotaIdWhitelist) {
if (($sub.subDetails.subscriptionPolicies.quotaId).startswith($subscriptionQuotaIdWhitelistQuotaId, 'CurrentCultureIgnoreCase')) {
$whitelistMatched = 'inWhitelist'
}
}

if ($whitelistMatched -eq 'inWhitelist') {
#write-host "$($childrenSubscription.properties.displayName) in whitelist"
$null = $script:subsToProcessInCustomDataCollection.Add([PSCustomObject]@{
subscriptionId = $childrenSubscription.name
subscriptionName = $childrenSubscription.properties.displayName
subscriptionQuotaId = $sub.subDetails.subscriptionPolicies.quotaId
})
}
else {
#Write-Host " preCustomDataCollection: $($childrenSubscription.properties.displayName) ($($childrenSubscription.name)) Subscription Quota Id: $($sub.subDetails.subscriptionPolicies.quotaId) is out of scope for Azure Governance Visualizer (not in Whitelist)"
$null = $script:outOfScopeSubscriptions.Add([PSCustomObject]@{
subscriptionId = $childrenSubscription.name
subscriptionName = $childrenSubscription.properties.displayName
outOfScopeReason = "QuotaId: '$($sub.subDetails.subscriptionPolicies.quotaId)' not in Whitelist"
ManagementGroupId = $htSubscriptionsMgPath.($childrenSubscription.name).Parent
ManagementGroupName = $htSubscriptionsMgPath.($childrenSubscription.name).ParentName
Level = $htSubscriptionsMgPath.($childrenSubscription.name).level
})
}
}
else {
$null = $script:subsToProcessInCustomDataCollection.Add([PSCustomObject]@{
subscriptionId = $childrenSubscription.name
subscriptionName = $childrenSubscription.properties.displayName
subscriptionQuotaId = $sub.subDetails.subscriptionPolicies.quotaId
})
}
}
}

if ($subsToProcessInCustomDataCollection.Count -lt $childrenSubscriptionsCount) {
Write-Host " $($subsToProcessInCustomDataCollection.Count) of $($childrenSubscriptionsCount) Subscriptions picked for processing" -ForegroundColor yellow
}
else {
Write-Host " $($subsToProcessInCustomDataCollection.Count) of $($childrenSubscriptionsCount) Subscriptions picked for processing"
}


if ($outOfScopeSubscriptions.Count -gt 0) {
Write-Host " $($outOfScopeSubscriptions.Count) Subscriptions excluded" -ForegroundColor yellow
$outOfScopeSubscriptionsGroupedByOutOfScopeReason = $outOfScopeSubscriptions | Group-Object -Property outOfScopeReason
foreach ($exclusionreason in $outOfScopeSubscriptionsGroupedByOutOfScopeReason) {
Write-Host " $($exclusionreason.Count): $($exclusionreason.Name) ($($exclusionreason.Group.subscriptionId -join ', '))"
}

foreach ($outOfScopeSubscription in $outOfScopeSubscriptions) {
$script:htOutOfScopeSubscriptions.($outOfScopeSubscription.subscriptionId) = @{
subscriptionId = $outOfScopeSubscription.subscriptionId
subscriptionName = $outOfScopeSubscription.subscriptionName
outOfScopeReason = $outOfScopeSubscription.outOfScopeReason
ManagementGroupId = $outOfScopeSubscription.ManagementGroupId
ManagementGroupName = $outOfScopeSubscription.ManagementGroupName
Level = $outOfScopeSubscription.Level
}
}
}
else {
Write-Host " $($outOfScopeSubscriptions.Count) Subscriptions excluded"
}
$script:subsToProcessInCustomDataCollectionCount = ($subsToProcessInCustomDataCollection).Count

$end = Get-Date
Write-Host "Subscription picking duration: $((New-TimeSpan -Start $start -End $end).TotalSeconds) seconds"
}

0 comments on commit 968e71e

Please sign in to comment.