- web app settings (ftps/php)

-Policies
Jurjen Ladenius
2022-08-11 11:14:28 +02:00
parent 7238a5c4f3
commit f5f8333dce
13 changed files with 93861 additions and 549 deletions


@@ -1,7 +1,7 @@
{
"Id":"10a47b5b-4ee1-4c85-a108-05764d2ce4d6",
"Name":"Storage Data Contributor",
"Description":"Allows for read, write and delete access to Azure Storage blob containers and data / tables and entities / queues and queue messages.",
"Id": "10a47b5b-4ee1-4c85-a108-05764d2ce4d6",
"Name": "Storage Data Contributor",
"Description": "Allows for read, write and delete access to Azure Storage blob containers and data / tables and entities / queues and queue messages.",
"Actions": [
"Microsoft.Storage/storageAccounts/blobServices/containers/delete",
"Microsoft.Storage/storageAccounts/blobServices/containers/read",
@@ -13,26 +13,28 @@
"Microsoft.Storage/storageAccounts/tableServices/tables/read",
"Microsoft.Storage/storageAccounts/tableServices/tables/write",
"Microsoft.Storage/storageAccounts/tableServices/tables/delete"
],
],
"NotActions": [],
"DataActions": [
"Microsoft.Storage/storageAccounts/blobServices/containers/blobs/delete",
"Microsoft.Storage/storageAccounts/blobServices/containers/blobs/read",
"Microsoft.Storage/storageAccounts/blobServices/containers/blobs/write",
"Microsoft.Storage/storageAccounts/blobServices/containers/blobs/move/action",
"Microsoft.Storage/storageAccounts/blobServices/containers/blobs/add/action",
"Microsoft.Storage/storageAccounts/queueServices/queues/messages/delete",
"Microsoft.Storage/storageAccounts/queueServices/queues/messages/read",
"Microsoft.Storage/storageAccounts/queueServices/queues/messages/write",
"Microsoft.Storage/storageAccounts/queueServices/queues/messages/process/action",
"Microsoft.Storage/storageAccounts/tableServices/tables/entities/read",
"Microsoft.Storage/storageAccounts/tableServices/tables/entities/write",
"Microsoft.Storage/storageAccounts/tableServices/tables/entities/delete",
"Microsoft.Storage/storageAccounts/tableServices/tables/entities/add/action",
"Microsoft.Storage/storageAccounts/tableServices/tables/entities/update/action"
],
"Microsoft.Storage/storageAccounts/blobServices/containers/blobs/read",
"Microsoft.Storage/storageAccounts/blobServices/containers/blobs/write",
"Microsoft.Storage/storageAccounts/blobServices/containers/blobs/move/action",
"Microsoft.Storage/storageAccounts/blobServices/containers/blobs/add/action",
"Microsoft.Storage/storageAccounts/queueServices/queues/messages/delete",
"Microsoft.Storage/storageAccounts/queueServices/queues/messages/read",
"Microsoft.Storage/storageAccounts/queueServices/queues/messages/write",
"Microsoft.Storage/storageAccounts/queueServices/queues/messages/process/action",
"Microsoft.Storage/storageAccounts/tableServices/tables/entities/read",
"Microsoft.Storage/storageAccounts/tableServices/tables/entities/write",
"Microsoft.Storage/storageAccounts/tableServices/tables/entities/delete",
"Microsoft.Storage/storageAccounts/tableServices/tables/entities/add/action",
"Microsoft.Storage/storageAccounts/tableServices/tables/entities/update/action"
],
"NotDataActions": [],
"AssignableScopes": [
"/subscriptions/a6b88b62-16fb-4507-9836-8f8da2bffa36",
"/subscriptions/840f4c89-ca32-496e-bcba-70a55951a4ef",
"/subscriptions/3190b0fd-4a66-4636-a204-5b9f18be78a6",
"/subscriptions/30ce4e64-4299-4b93-91b8-4c953f63678e",
"/subscriptions/750d0421-da63-42fb-9f89-74aeb5dfe05b",
@@ -65,5 +67,5 @@
"/subscriptions/0c50e758-0cfb-4d35-9d52-b39ba918ce30",
"/subscriptions/baed3117-d2f3-4289-977d-6d4429d9e983",
"/subscriptions/eec75831-812e-4b06-a7a4-ec28a5126238"
]
]
}


@@ -0,0 +1,51 @@
{
"mode": "All",
"policyRule": {
"if": {
"anyOf": [
{
"allOf": [
{
"field": "type",
"equals": "Microsoft.Storage/storageAccounts"
},
{
"field": "Microsoft.Storage/storageAccounts/minimumTlsVersion",
"notEquals": "TLS1_2"
}
]
},
{
"allOf": [
{
"field": "type",
"equals": "Microsoft.Storage/storageAccounts"
},
{
"field": "Microsoft.Storage/storageAccounts/supportsHttpsTrafficOnly",
"notEquals": "true"
}
]
}
]
},
"then": {
"effect": "[parameters('effect')]"
}
},
"parameters": {
"effect": {
"type": "String",
"metadata": {
"displayName": "Effect",
"description": "Enable or disable the execution of the policy"
},
"allowedValues": [
"Audit",
"deny",
"Disabled"
],
"defaultValue": "Audit"
}
}
}
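Review bot: The TLS condition tests for exact equality, `"notEquals": "TLS1_2"`, so a storage account configured with a stricter minimum would be reported as non-compliant, or blocked when the effect is `deny`. If the intent is "at least TLS 1.2", an allow-list states that more directly, for example `"notIn": ["TLS1_2", "TLS1_3"]`, assuming the resource provider accepts the newer value. The web app policy added in this commit has the same shape in its two `minTlsVersion` conditions (`"notEquals": "1.2"`). As a style point, `allowedValues` mixes `Audit`, `deny` and `Disabled`; consistent casing (`Deny`) makes the parameter easier to read in assignments.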


@@ -0,0 +1,115 @@
{
"mode": "All",
"policyRule": {
"if": {
"anyOf": [
{
"allOf": [
{
"field": "type",
"equals": "Microsoft.Web/sites"
},
{
"field": "Microsoft.Web/sites/httpsOnly",
"notEquals": "true"
}
]
},
{
"allOf": [
{
"field": "type",
"equals": "Microsoft.Web/sites/slots"
},
{
"field": "Microsoft.Web/sites/slots/httpsOnly",
"notEquals": "true"
}
]
},
{
"allOf": [
{
"field": "type",
"equals": "Microsoft.Web/sites/config"
},
{
"field": "name",
"notLike": "connectionstrings"
},
{
"field": "name",
"notLike": "backup"
},
{
"field": "name",
"notLike": "authsettingsV2"
},
{
"field": "name",
"notLike": "authsettings"
},
{
"field": "name",
"notLike": "appsettings"
},
{
"field": "Microsoft.Web/sites/config/minTlsVersion",
"notEquals": "1.2"
}
]
},
{
"allOf": [
{
"field": "type",
"equals": "Microsoft.Web/sites/slots/config"
},
{
"field": "name",
"notLike": "connectionstrings"
},
{
"field": "name",
"notLike": "backup"
},
{
"field": "name",
"notLike": "authsettingsV2"
},
{
"field": "name",
"notLike": "authsettings"
},
{
"field": "name",
"notLike": "appsettings"
},
{
"field": "Microsoft.Web/sites/slots/config/minTlsVersion",
"notEquals": "1.2"
}
]
}
]
},
"then": {
"effect": "[parameters('effect')]"
}
},
"parameters": {
"effect": {
"type": "String",
"metadata": {
"displayName": "Effect",
"description": "Enable or disable the execution of the policy"
},
"allowedValues": [
"Audit",
"deny",
"Disabled"
],
"defaultValue": "Audit"
}
}
}
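Review bot: The two `config` branches pick their target by excluding five config names (`connectionstrings`, `backup`, `authsettingsV2`, `authsettings`, `appsettings`) instead of naming the config resource that carries `minTlsVersion`. Any other config child that lacks the property would, as far as I understand policy evaluation, satisfy `notEquals` and be audited or denied, and the list has to be extended each time a new config name appears. A positive match such as `{ "field": "name", "equals": "web" }` (to be confirmed against the resource names in the tenant) would remove that maintenance burden. `notLike` without a wildcard also behaves as a plain inequality, so `notEquals` would express the current intent more clearly if the exclusions are kept.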


@@ -1,420 +0,0 @@
DROP USER [ERS]
GO
DROP USER [Feedback@Effectory.com]
GO
DROP USER [IntranetApps]
GO
DROP USER [InviteReplication]
GO
DROP USER [InviteTOuser]
GO
DROP USER [LiveWebClient@Effectory.com]
GO
DROP USER [mscrm_sync]
GO
DROP USER [myprojectwebservice@effectory.com]
GO
DROP USER [participant_import]
GO
DROP USER [participant_validation]
GO
DROP USER [QuestionbaseWebservice]
GO
DROP USER [scratchcardgenerator]
GO
DROP USER [SurveyCenter]
GO
DROP USER [SurveyWebJob]
GO
------
------ SCRIPTED OLD
----------
-- [-- DB CONTEXT --] --
USE [Invite]
-- [-- DB USERS --] --
IF NOT EXISTS (SELECT [name] FROM sys.database_principals WHERE [name] = 'BuildServer') BEGIN CREATE USER [BuildServer] FOR LOGIN [BuildServer] WITH DEFAULT_SCHEMA = [dbo] END;
IF NOT EXISTS (SELECT [name] FROM sys.database_principals WHERE [name] = 'ClearConfirmedTeamsWebJob') BEGIN CREATE USER [ClearConfirmedTeamsWebJob] FOR LOGIN [ClearConfirmedTeamsWebJob] WITH DEFAULT_SCHEMA = [dbo] END;
IF NOT EXISTS (SELECT [name] FROM sys.database_principals WHERE [name] = 'dbo') BEGIN CREATE USER [dbo] FOR LOGIN [dbo] WITH DEFAULT_SCHEMA = [dbo] END;
IF NOT EXISTS (SELECT [name] FROM sys.database_principals WHERE [name] = 'Effectory-Core-MeasurementService') BEGIN CREATE USER [Effectory-Core-MeasurementService] WITHOUT LOGIN WITH DEFAULT_SCHEMA = [dbo] , SID = [foo] END;
IF NOT EXISTS (SELECT [name] FROM sys.database_principals WHERE [name] = 'ERS') BEGIN CREATE USER [ERS] FOR LOGIN [ERS] WITH DEFAULT_SCHEMA = [dbo] END;
IF NOT EXISTS (SELECT [name] FROM sys.database_principals WHERE [name] = 'GatherResponseWebJob') BEGIN CREATE USER [GatherResponseWebJob] FOR LOGIN [GatherResponseWebJob] WITH DEFAULT_SCHEMA = [dbo] END;
IF NOT EXISTS (SELECT [name] FROM sys.database_principals WHERE [name] = 'GenerateFlexQuestionnaireWebjob') BEGIN CREATE USER [GenerateFlexQuestionnaireWebjob] FOR LOGIN [GenerateFlexQuestionnaireWebjob] WITH DEFAULT_SCHEMA = [dbo] END;
IF NOT EXISTS (SELECT [name] FROM sys.database_principals WHERE [name] = 'guest') BEGIN CREATE USER [guest] WITHOUT LOGIN WITH DEFAULT_SCHEMA = [guest] , SID = [foo] END;
IF NOT EXISTS (SELECT [name] FROM sys.database_principals WHERE [name] = 'HierarchyUserImport') BEGIN CREATE USER [HierarchyUserImport] FOR LOGIN [HierarchyUserImport] WITH DEFAULT_SCHEMA = [dbo] END;
IF NOT EXISTS (SELECT [name] FROM sys.database_principals WHERE [name] = 'IntranetApps') BEGIN CREATE USER [IntranetApps] FOR LOGIN [IntranetApps] WITH DEFAULT_SCHEMA = [dbo] END;
IF NOT EXISTS (SELECT [name] FROM sys.database_principals WHERE [name] = 'InviteExport') BEGIN CREATE USER [InviteExport] FOR LOGIN [InviteExport] WITH DEFAULT_SCHEMA = [dbo] END;
IF NOT EXISTS (SELECT [name] FROM sys.database_principals WHERE [name] = 'InviteImport') BEGIN CREATE USER [InviteImport] FOR LOGIN [InviteImport] WITH DEFAULT_SCHEMA = [dbo] END;
IF NOT EXISTS (SELECT [name] FROM sys.database_principals WHERE [name] = 'InviteReplication') BEGIN CREATE USER [InviteReplication] FOR LOGIN [InviteReplication] WITH DEFAULT_SCHEMA = [dbo] END;
IF NOT EXISTS (SELECT [name] FROM sys.database_principals WHERE [name] = 'InviteResponseWebJob') BEGIN CREATE USER [InviteResponseWebJob] FOR LOGIN [InviteResponseWebJob] WITH DEFAULT_SCHEMA = [dbo] END;
IF NOT EXISTS (SELECT [name] FROM sys.database_principals WHERE [name] = 'InviteTOuser') BEGIN CREATE USER [InviteTOuser] FOR LOGIN [InviteTOuser] WITH DEFAULT_SCHEMA = [dbo] END;
IF NOT EXISTS (SELECT [name] FROM sys.database_principals WHERE [name] = 'MailingManager') BEGIN CREATE USER [MailingManager] FOR LOGIN [MailingManager] WITH DEFAULT_SCHEMA = [dbo] END;
IF NOT EXISTS (SELECT [name] FROM sys.database_principals WHERE [name] = 'mailings_webapi') BEGIN CREATE USER [mailings_webapi] FOR LOGIN [mailings_webapi] WITH DEFAULT_SCHEMA = [dbo] END;
IF NOT EXISTS (SELECT [name] FROM sys.database_principals WHERE [name] = 'mscrm_sync') BEGIN CREATE USER [mscrm_sync] FOR LOGIN [mscrm_sync] WITH DEFAULT_SCHEMA = [dbo] END;
IF NOT EXISTS (SELECT [name] FROM sys.database_principals WHERE [name] = 'participant_import') BEGIN CREATE USER [participant_import] WITHOUT LOGIN WITH DEFAULT_SCHEMA = [dbo] , SID = [foo] END;
IF NOT EXISTS (SELECT [name] FROM sys.database_principals WHERE [name] = 'participant_validation') BEGIN CREATE USER [participant_validation] WITHOUT LOGIN WITH DEFAULT_SCHEMA = [dbo] , SID = [foo] END;
IF NOT EXISTS (SELECT [name] FROM sys.database_principals WHERE [name] = 'projectcenter') BEGIN CREATE USER [projectcenter] FOR LOGIN [projectcenter] WITH DEFAULT_SCHEMA = [dbo] END;
IF NOT EXISTS (SELECT [name] FROM sys.database_principals WHERE [name] = 'QuestionbaseWebservice') BEGIN CREATE USER [QuestionbaseWebservice] FOR LOGIN [QuestionbaseWebservice] WITH DEFAULT_SCHEMA = [dbo] END;
IF NOT EXISTS (SELECT [name] FROM sys.database_principals WHERE [name] = 'QuestionnaireWebApi') BEGIN CREATE USER [QuestionnaireWebApi] WITHOUT LOGIN WITH DEFAULT_SCHEMA = [dbo] , SID = [foo] END;
IF NOT EXISTS (SELECT [name] FROM sys.database_principals WHERE [name] = 'SurveyCenter') BEGIN CREATE USER [SurveyCenter] FOR LOGIN [SurveyCenter] WITH DEFAULT_SCHEMA = [dbo] END;
IF NOT EXISTS (SELECT [name] FROM sys.database_principals WHERE [name] = 'SurveyWebJob') BEGIN CREATE USER [SurveyWebJob] FOR LOGIN [SurveyWebJob] WITH DEFAULT_SCHEMA = [dbo] END;
IF NOT EXISTS (SELECT [name] FROM sys.database_principals WHERE [name] = 'SyncDemographicsWebJob') BEGIN CREATE USER [SyncDemographicsWebJob] FOR LOGIN [SyncDemographicsWebJob] WITH DEFAULT_SCHEMA = [dbo] END;
-- [-- ORPHANED USERS --] --
-- [-- DB ROLES --] --
EXEC sp_addrolemember @rolename = 'db_datareader', @membername = 'ClearConfirmedTeamsWebJob'
EXEC sp_addrolemember @rolename = 'db_datareader', @membername = 'Effectory-Core-MeasurementService'
EXEC sp_addrolemember @rolename = 'db_datareader', @membername = 'ERS'
EXEC sp_addrolemember @rolename = 'db_datareader', @membername = 'GenerateFlexQuestionnaireWebjob'
EXEC sp_addrolemember @rolename = 'db_datareader', @membername = 'HierarchyUserImport'
EXEC sp_addrolemember @rolename = 'db_datareader', @membername = 'IntranetApps'
EXEC sp_addrolemember @rolename = 'db_datareader', @membername = 'InviteImport'
EXEC sp_addrolemember @rolename = 'db_datareader', @membername = 'InviteResponseWebJob'
EXEC sp_addrolemember @rolename = 'db_datareader', @membername = 'InviteTOuser'
EXEC sp_addrolemember @rolename = 'db_datareader', @membername = 'mscrm_sync'
EXEC sp_addrolemember @rolename = 'db_datareader', @membername = 'participant_import'
EXEC sp_addrolemember @rolename = 'db_datareader', @membername = 'projectcenter'
EXEC sp_addrolemember @rolename = 'db_datareader', @membername = 'SurveyCenter'
EXEC sp_addrolemember @rolename = 'db_datareader', @membername = 'SurveyWebJob'
EXEC sp_addrolemember @rolename = 'db_datawriter', @membername = 'Effectory-Core-MeasurementService'
EXEC sp_addrolemember @rolename = 'db_datawriter', @membername = 'ERS'
EXEC sp_addrolemember @rolename = 'db_datawriter', @membername = 'GenerateFlexQuestionnaireWebjob'
EXEC sp_addrolemember @rolename = 'db_datawriter', @membername = 'HierarchyUserImport'
EXEC sp_addrolemember @rolename = 'db_datawriter', @membername = 'InviteImport'
EXEC sp_addrolemember @rolename = 'db_datawriter', @membername = 'InviteResponseWebJob'
EXEC sp_addrolemember @rolename = 'db_datawriter', @membername = 'mscrm_sync'
EXEC sp_addrolemember @rolename = 'db_datawriter', @membername = 'participant_import'
EXEC sp_addrolemember @rolename = 'db_datawriter', @membername = 'projectcenter'
EXEC sp_addrolemember @rolename = 'db_datawriter', @membername = 'SurveyCenter'
EXEC sp_addrolemember @rolename = 'db_datawriter', @membername = 'SurveyWebJob'
EXEC sp_addrolemember @rolename = 'db_executor', @membername = 'ERS'
EXEC sp_addrolemember @rolename = 'db_executor', @membername = 'GenerateFlexQuestionnaireWebjob'
EXEC sp_addrolemember @rolename = 'db_executor', @membername = 'InviteImport'
EXEC sp_addrolemember @rolename = 'db_executor', @membername = 'mscrm_sync'
EXEC sp_addrolemember @rolename = 'db_executor', @membername = 'projectcenter'
EXEC sp_addrolemember @rolename = 'db_executor', @membername = 'SurveyWebJob'
EXEC sp_addrolemember @rolename = 'db_owner', @membername = 'BuildServer'
EXEC sp_addrolemember @rolename = 'db_owner', @membername = 'InviteReplication'
-- [-- OBJECT LEVEL PERMISSIONS --] --
DENY DELETE ON [dbo].[HierarchyEventSync] TO [_AzureParticipantsDBReadExecute]
DENY DELETE ON [dbo].[MeasurementParticipantEventSync] TO [_AzureParticipantsDBReadExecute]
DENY DELETE ON [dbo].[ParticipantCharacteristicEventSync] TO [_AzureParticipantsDBReadExecute]
DENY DELETE ON [dbo].[ParticipantEventSync] TO [_AzureParticipantsDBReadExecute]
DENY DELETE ON [dbo].[ParticipantExtraColumnValueEventSync] TO [_AzureParticipantsDBReadExecute]
DENY EXECUTE ON [dbo].[sp_alterdiagram] TO [guest]
DENY EXECUTE ON [dbo].[sp_creatediagram] TO [guest]
DENY EXECUTE ON [dbo].[sp_dropdiagram] TO [guest]
DENY EXECUTE ON [dbo].[sp_helpdiagramdefinition] TO [guest]
DENY EXECUTE ON [dbo].[sp_helpdiagrams] TO [guest]
DENY EXECUTE ON [dbo].[sp_renamediagram] TO [guest]
GRANT ALTER ON [dbo].[MeasurementParticipant] TO [ClearConfirmedTeamsWebJob]
GRANT DELETE ON [dbo].[CharacteristicQuestionnaire] TO [ClearConfirmedTeamsWebJob]
GRANT DELETE ON [dbo].[MeasurementParticipant] TO [projectcenter]
GRANT DELETE ON [dbo].[ParticipantCharacteristic] TO [projectcenter]
GRANT DELETE ON [dbo].[ParticipantProjectCharacteristic] TO [participant_validation]
GRANT DELETE ON [Mailings].[DomainSendTimeExceptions] TO [mailing.service@Effectory.com]
GRANT DELETE ON [Mailings].[DomainSendTimeExceptions] TO [MailingManager]
GRANT DELETE ON [Mailings].[FailedToSentMailings] TO [mailing.service@Effectory.com]
GRANT DELETE ON [Mailings].[FailedToSentMailings] TO [MailingManager]
GRANT DELETE ON [Mailings].[Mailing] TO [mailing.service@Effectory.com]
GRANT DELETE ON [Mailings].[Mailing] TO [MailingManager]
GRANT DELETE ON [Mailings].[MailingAttachment] TO [mailing.service@Effectory.com]
GRANT DELETE ON [Mailings].[MailingAttachment] TO [MailingManager]
GRANT DELETE ON [Mailings].[MailingDisclaimer] TO [mailing.service@Effectory.com]
GRANT DELETE ON [Mailings].[MailingDisclaimer] TO [MailingManager]
GRANT DELETE ON [Mailings].[MailingTemplate] TO [mailing.service@Effectory.com]
GRANT DELETE ON [Mailings].[MailingTemplate] TO [MailingManager]
GRANT DELETE ON [Mailings].[MailingTemplateTypeNames] TO [mailing.service@Effectory.com]
GRANT DELETE ON [Mailings].[MailingTemplateTypeNames] TO [MailingManager]
GRANT DELETE ON [Mailings].[MailingTemplateTypes] TO [mailing.service@Effectory.com]
GRANT DELETE ON [Mailings].[MailingTemplateTypes] TO [MailingManager]
GRANT DELETE ON [Mailings].[MailingText] TO [mailing.service@Effectory.com]
GRANT DELETE ON [Mailings].[MailingText] TO [MailingManager]
GRANT DELETE ON [Mailings].[MailSP_Log] TO [mailing.service@Effectory.com]
GRANT DELETE ON [Mailings].[MailSP_Log] TO [MailingManager]
GRANT DELETE ON [Mailings].[SentMailings] TO [mailing.service@Effectory.com]
GRANT DELETE ON [Mailings].[SentMailings] TO [MailingManager]
GRANT EXECUTE ON [dbo].[get_internalcodes_by_surveyId] TO [response.service@Effectory.com]
GRANT EXECUTE ON [dbo].[ImportParticipantsIntoMeasurement] TO [Effectory-Core-MeasurementService]
GRANT EXECUTE ON [dbo].[ImportResultsDelete] TO [InviteExport]
GRANT EXECUTE ON [dbo].[ImportResultsDelete] TO [InviteImport]
GRANT EXECUTE ON [dbo].[ImportResultsDelete] TO [SurveyCenter]
GRANT EXECUTE ON [dbo].[insert_characteristic_characteristictext_from_xml] TO [SurveyCenter]
GRANT EXECUTE ON [dbo].[internalcodes_claim] TO [myprojectwebservice@effectory.com]
GRANT EXECUTE ON [dbo].[internalcodes_claim] TO [participant_import]
GRANT EXECUTE ON [dbo].[internalcodes_claim] TO [participant_validation]
GRANT EXECUTE ON [dbo].[internalcodes_claim] TO [response.service@Effectory.com]
GRANT EXECUTE ON [dbo].[internalcodes_generate] TO [response.service@Effectory.com]
GRANT EXECUTE ON [dbo].[internalcodes_generate] TO [scratchcardgenerator]
GRANT EXECUTE ON [dbo].[internalcodes_get_no_available_codes] TO [response.service@Effectory.com]
GRANT EXECUTE ON [dbo].[internalcodes_get_no_available_codes] TO [scratchcardgenerator]
GRANT EXECUTE ON [dbo].[offboarding_participants_invalidlist] TO [IntranetApps]
GRANT EXECUTE ON [dbo].[ParticipantCharacteristics_Clear_By_MeasurementID] TO [SurveyCenter]
GRANT EXECUTE ON [dbo].[ParticipantCharacteristics_Clear_By_SurveyID] TO [SurveyCenter]
GRANT EXECUTE ON [dbo].[Response_webjob_previoussurvey] TO [InviteResponseWebJob]
GRANT EXECUTE ON [dbo].[sp_alterdiagram] TO [public]
GRANT EXECUTE ON [dbo].[sp_creatediagram] TO [public]
GRANT EXECUTE ON [dbo].[sp_dropdiagram] TO [public]
GRANT EXECUTE ON [dbo].[sp_helpdiagramdefinition] TO [public]
GRANT EXECUTE ON [dbo].[sp_helpdiagrams] TO [public]
GRANT EXECUTE ON [dbo].[sp_renamediagram] TO [public]
GRANT EXECUTE ON [dbo].[survey_update_measurement_info] TO [projectcenter]
GRANT EXECUTE ON [dbo].[survey_update_measurement_info_with_ece_survey_id] TO [projectcenter]
GRANT EXECUTE ON [dbo].[SurveyCenter_DemographicAnswer_Delete] TO [SurveyCenter]
GRANT EXECUTE ON [dbo].[sync_ece_update_ece_surveyid] TO [ece.service@Effectory.com]
GRANT EXECUTE ON [dbo].[sync_get_participant_information] TO [SurveyCenter]
GRANT EXECUTE ON [dbo].[sync_update_hasresponded] TO [response.service@Effectory.com]
GRANT EXECUTE ON [dbo].[Update_participant_xml] TO [InviteExport]
GRANT EXECUTE ON [dbo].[Update_participant_xml] TO [InviteImport]
GRANT EXECUTE ON [dbo].[Update_participant_xml] TO [SurveyCenter]
GRANT EXECUTE ON [Mailings].[GetScheduledMailings] TO [mailing.service@Effectory.com]
GRANT EXECUTE ON [Mailings].[GetScheduledMailings] TO [MailingManager]
GRANT EXECUTE ON [Mailings].[mm_service_get_data_for_status_update_mail] TO [mailing.service@Effectory.com]
GRANT EXECUTE ON [Mailings].[mm_service_get_data_for_status_update_mail] TO [MailingManager]
GRANT EXECUTE ON [Mailings].[mm_service_get_exta_data_for_one_participant] TO [mailing.service@Effectory.com]
GRANT EXECUTE ON [Mailings].[mm_service_get_exta_data_for_one_participant] TO [MailingManager]
GRANT EXECUTE ON [Mailings].[mm_service_get_mailings_to_send] TO [mailing.service@Effectory.com]
GRANT EXECUTE ON [Mailings].[mm_service_get_mailings_to_send] TO [MailingManager]
GRANT EXECUTE ON [Mailings].[mm_service_set_mailing_send_to_participant] TO [mailing.service@Effectory.com]
GRANT EXECUTE ON [Mailings].[mm_service_set_mailing_send_to_participant] TO [MailingManager]
GRANT EXECUTE ON [Mailings].[mm_service_set_mailing_status_to_error] TO [mailing.service@Effectory.com]
GRANT EXECUTE ON [Mailings].[mm_service_set_mailing_status_to_error] TO [MailingManager]
GRANT EXECUTE ON [Mailings].[mm_update_and_get_mailing_state] TO [mailing.service@Effectory.com]
GRANT EXECUTE ON [Mailings].[mm_update_and_get_mailing_state] TO [MailingManager]
GRANT EXECUTE ON [Mailings].[multipleResults] TO [mailing.service@Effectory.com]
GRANT EXECUTE ON [Mailings].[multipleResults] TO [MailingManager]
GRANT EXECUTE ON [Mailings].[SurveyCenter_CreateSurveyProvider] TO [mailing.service@Effectory.com]
GRANT EXECUTE ON [Mailings].[SurveyCenter_CreateSurveyProvider] TO [MailingManager]
GRANT EXECUTE ON [Mailings].[SurveyCenter_WebJob_Mailing_GetScheduledMails] TO [mailing.service@Effectory.com]
GRANT EXECUTE ON [Mailings].[SurveyCenter_WebJob_Mailing_GetScheduledMails] TO [MailingManager]
GRANT EXECUTE ON [Query].[GetMeasurementIdBySurveyId] TO [projectcenter]
GRANT EXECUTE ON [Query].[MyResultsUserQueries_Impersonate] TO [projectcenter]
GRANT EXECUTE ON [Query].[SurveyCharacteristicCategoryQueries_Get] TO [projectcenter]
GRANT EXECUTE ON [Query].[SurveyHierarchyDownloadQueries_Get] TO [projectcenter]
GRANT EXECUTE ON [Query].[SurveyHierarchyDownloadQueries_Get_GetHierarchyNames] TO [projectcenter]
GRANT EXECUTE ON [Query].[SurveyHierarchyGroupLinkAutoMapQueries_Get] TO [projectcenter]
GRANT EXECUTE ON [Query].[SurveyHierarchyGroupLinkAutoMapQueries_Get_Characteristics] TO [projectcenter]
GRANT EXECUTE ON [Query].[SurveyHierarchyGroupLinkQueries_Get] TO [projectcenter]
GRANT EXECUTE ON [Query].[SurveyHierarchyGroupLinkQueries_Get_Characteristics] TO [projectcenter]
GRANT EXECUTE ON [Query].[SurveyHierarchyNodeCrossingQueries_Get] TO [projectcenter]
GRANT EXECUTE ON [Query].[SurveyHierarchyQueries_Get] TO [projectcenter]
GRANT EXECUTE ON [Query].[SurveyHierarchyQueries_Get_Locks] TO [projectcenter]
GRANT EXECUTE ON [Query].[SurveyHierarchyQueries_Get_Statusses] TO [projectcenter]
GRANT EXECUTE ON [Query].[SurveyHierarchyQueries_GetById] TO [projectcenter]
GRANT EXECUTE ON [Query].[SurveyHierarchyQueries_GetById_Categories] TO [projectcenter]
GRANT EXECUTE ON [Query].[SurveyHierarchyQueries_GetById_CharacteristicCategories] TO [projectcenter]
GRANT EXECUTE ON [Query].[SurveyHierarchyQueries_GetById_Locks] TO [projectcenter]
GRANT EXECUTE ON [Query].[SurveyHierarchyQueries_GetById_Statusses] TO [projectcenter]
GRANT EXECUTE ON [Query].[SurveyHierarchyQueries_GetById_Translations] TO [projectcenter]
GRANT EXECUTE ON [Query].[SurveyHierarchyTreeQueries_GetById] TO [projectcenter]
GRANT EXECUTE ON [Query].[SurveyHierarchyTreeQueries_GetById_CharacteristicCategories] TO [projectcenter]
GRANT EXECUTE ON [Query].[SurveyQueries_GetCharacteristicsCategories] TO [projectcenter]
GRANT EXECUTE ON [Query].[SurveyQueries_GetCharacteristicsCategories_Characteristics] TO [projectcenter]
GRANT EXECUTE ON [Query].[ToolkitQueries_GetRespondent] TO [projectcenter]
GRANT EXECUTE ON [Query].[ToolkitQueries_GetRespondent_Characteristics] TO [projectcenter]
GRANT EXECUTE ON [Query].[ToolkitQueries_Search] TO [projectcenter]
GRANT INSERT ON [dbo].[Characteristic] TO [participant_validation]
GRANT INSERT ON [dbo].[CharacteristicCategory] TO [participant_validation]
GRANT INSERT ON [dbo].[CharacteristicCategoryText] TO [participant_validation]
GRANT INSERT ON [dbo].[CharacteristicText] TO [participant_validation]
GRANT INSERT ON [dbo].[InternalCodes] TO [scratchcardgenerator]
GRANT INSERT ON [dbo].[MeasurementParticipant] TO [projectcenter]
GRANT INSERT ON [dbo].[MeasurementParticipant] TO [SurveyCenter]
GRANT INSERT ON [dbo].[MeasurementSync] TO [participant_validation]
GRANT INSERT ON [dbo].[Participant] TO [participant_validation]
GRANT INSERT ON [dbo].[ParticipantCharacteristic] TO [projectcenter]
GRANT INSERT ON [dbo].[ParticipantProjectCharacteristic] TO [participant_validation]
GRANT INSERT ON [dbo].[Project] TO [participant_validation]
GRANT INSERT ON [dbo].[SurveySyncClusterMatrix] TO [projectcenter]
GRANT INSERT ON [Mailings].[DomainSendTimeExceptions] TO [mailing.service@Effectory.com]
GRANT INSERT ON [Mailings].[DomainSendTimeExceptions] TO [MailingManager]
GRANT INSERT ON [Mailings].[FailedToSentMailings] TO [mailing.service@Effectory.com]
GRANT INSERT ON [Mailings].[FailedToSentMailings] TO [MailingManager]
GRANT INSERT ON [Mailings].[Mailing] TO [mailing.service@Effectory.com]
GRANT INSERT ON [Mailings].[Mailing] TO [MailingManager]
GRANT INSERT ON [Mailings].[MailingAttachment] TO [mailing.service@Effectory.com]
GRANT INSERT ON [Mailings].[MailingAttachment] TO [MailingManager]
GRANT INSERT ON [Mailings].[MailingDisclaimer] TO [mailing.service@Effectory.com]
GRANT INSERT ON [Mailings].[MailingDisclaimer] TO [MailingManager]
GRANT INSERT ON [Mailings].[MailingTemplate] TO [mailing.service@Effectory.com]
GRANT INSERT ON [Mailings].[MailingTemplate] TO [MailingManager]
GRANT INSERT ON [Mailings].[MailingTemplateTypeNames] TO [mailing.service@Effectory.com]
GRANT INSERT ON [Mailings].[MailingTemplateTypeNames] TO [MailingManager]
GRANT INSERT ON [Mailings].[MailingTemplateTypes] TO [mailing.service@Effectory.com]
GRANT INSERT ON [Mailings].[MailingTemplateTypes] TO [MailingManager]
GRANT INSERT ON [Mailings].[MailingText] TO [mailing.service@Effectory.com]
GRANT INSERT ON [Mailings].[MailingText] TO [MailingManager]
GRANT INSERT ON [Mailings].[MailSP_Log] TO [mailing.service@Effectory.com]
GRANT INSERT ON [Mailings].[MailSP_Log] TO [MailingManager]
GRANT INSERT ON [Mailings].[SentMailings] TO [mailing.service@Effectory.com]
GRANT INSERT ON [Mailings].[SentMailings] TO [MailingManager]
GRANT SELECT ON [dbo].[Characteristic] TO [mailing.service@Effectory.com]
GRANT SELECT ON [dbo].[Characteristic] TO [participant_validation]
GRANT SELECT ON [dbo].[CharacteristicCategory] TO [mailing.service@Effectory.com]
GRANT SELECT ON [dbo].[CharacteristicCategory] TO [participant_validation]
GRANT SELECT ON [dbo].[CharacteristicCategoryText] TO [mailing.service@Effectory.com]
GRANT SELECT ON [dbo].[CharacteristicCategoryText] TO [participant_validation]
GRANT SELECT ON [dbo].[CharacteristicText] TO [mailing.service@Effectory.com]
GRANT SELECT ON [dbo].[CharacteristicText] TO [participant_validation]
GRANT SELECT ON [dbo].[InternalCodes] TO [participant_validation]
GRANT SELECT ON [dbo].[InternalCodes] TO [scratchcardgenerator]
GRANT SELECT ON [dbo].[Measurement] TO [QuestionnaireWebApi]
GRANT SELECT ON [dbo].[MeasurementColumn] TO [mailing.service@Effectory.com]
GRANT SELECT ON [dbo].[MeasurementParticipant] TO [mailing.service@Effectory.com]
GRANT SELECT ON [dbo].[MeasurementParticipant] TO [participant_validation]
GRANT SELECT ON [dbo].[MeasurementParticipant] TO [projectcenter]
GRANT SELECT ON [dbo].[MeasurementParticipant] TO [SurveyCenter]
GRANT SELECT ON [dbo].[MeasurementSurvey] TO [mailing.service@Effectory.com]
GRANT SELECT ON [dbo].[MeasurementSurvey] TO [participant_validation]
GRANT SELECT ON [dbo].[MeasurementSurvey] TO [QuestionnaireWebApi]
GRANT SELECT ON [dbo].[MeasurementSync] TO [participant_validation]
GRANT SELECT ON [dbo].[MeasurementText] TO [QuestionnaireWebApi]
GRANT SELECT ON [dbo].[MSsubscription_agents] TO [public]
GRANT SELECT ON [dbo].[Participant] TO [mailing.service@Effectory.com]
GRANT SELECT ON [dbo].[Participant] TO [participant_validation]
GRANT SELECT ON [dbo].[ParticipantCharacteristic] TO [mailing.service@Effectory.com]
GRANT SELECT ON [dbo].[ParticipantCharacteristic] TO [projectcenter]
GRANT SELECT ON [dbo].[ParticipantExtraColumn] TO [mailing.service@Effectory.com]
GRANT SELECT ON [dbo].[ParticipantExtraColumnValue] TO [mailing.service@Effectory.com]
GRANT SELECT ON [dbo].[ParticipantProjectCharacteristic] TO [participant_validation]
GRANT SELECT ON [dbo].[Project] TO [participant_validation]
GRANT SELECT ON [dbo].[Survey] TO [mailing.service@Effectory.com]
GRANT SELECT ON [Mailings].[DomainSendTimeExceptions] TO [mailing.service@Effectory.com]
GRANT SELECT ON [Mailings].[DomainSendTimeExceptions] TO [MailingManager]
GRANT SELECT ON [Mailings].[FailedToSentMailings] TO [mailing.service@Effectory.com]
GRANT SELECT ON [Mailings].[FailedToSentMailings] TO [MailingManager]
GRANT SELECT ON [Mailings].[Mailing] TO [mailing.service@Effectory.com]
GRANT SELECT ON [Mailings].[Mailing] TO [MailingManager]
GRANT SELECT ON [Mailings].[MailingAttachment] TO [mailing.service@Effectory.com]
GRANT SELECT ON [Mailings].[MailingAttachment] TO [MailingManager]
GRANT SELECT ON [Mailings].[MailingDisclaimer] TO [mailing.service@Effectory.com]
GRANT SELECT ON [Mailings].[MailingDisclaimer] TO [MailingManager]
GRANT SELECT ON [Mailings].[MailingTemplate] TO [mailing.service@Effectory.com]
GRANT SELECT ON [Mailings].[MailingTemplate] TO [MailingManager]
GRANT SELECT ON [Mailings].[MailingTemplateTypeNames] TO [mailing.service@Effectory.com]
GRANT SELECT ON [Mailings].[MailingTemplateTypeNames] TO [MailingManager]
GRANT SELECT ON [Mailings].[MailingTemplateTypes] TO [mailing.service@Effectory.com]
GRANT SELECT ON [Mailings].[MailingTemplateTypes] TO [MailingManager]
GRANT SELECT ON [Mailings].[MailingText] TO [mailing.service@Effectory.com]
GRANT SELECT ON [Mailings].[MailingText] TO [MailingManager]
GRANT SELECT ON [Mailings].[MailSP_Log] TO [mailing.service@Effectory.com]
GRANT SELECT ON [Mailings].[MailSP_Log] TO [MailingManager]
GRANT SELECT ON [Mailings].[SentMailings] TO [mailing.service@Effectory.com]
GRANT SELECT ON [Mailings].[SentMailings] TO [MailingManager]
GRANT SELECT ON [sys].[database_firewall_rules] TO [public]
GRANT UPDATE ON [dbo].[InternalCodes] TO [participant_validation]
GRANT UPDATE ON [dbo].[MeasurementParticipant] TO [ClearConfirmedTeamsWebJob]
GRANT UPDATE ON [dbo].[MeasurementParticipant] TO [participant_validation]
GRANT UPDATE ON [dbo].[MeasurementParticipant] TO [projectcenter]
GRANT UPDATE ON [dbo].[MeasurementParticipant] TO [SurveyCenter]
GRANT UPDATE ON [dbo].[Participant] TO [participant_validation]
GRANT UPDATE ON [dbo].[ParticipantCharacteristic] TO [projectcenter]
GRANT UPDATE ON [dbo].[ParticipantCharacteristic] TO [SurveyCenter]
GRANT UPDATE ON [dbo].[Project] TO [participant_validation]
GRANT UPDATE ON [dbo].[Survey] TO [ece.service@Effectory.com]
GRANT UPDATE ON [Mailings].[DomainSendTimeExceptions] TO [mailing.service@Effectory.com]
GRANT UPDATE ON [Mailings].[DomainSendTimeExceptions] TO [MailingManager]
GRANT UPDATE ON [Mailings].[FailedToSentMailings] TO [mailing.service@Effectory.com]
GRANT UPDATE ON [Mailings].[FailedToSentMailings] TO [MailingManager]
GRANT UPDATE ON [Mailings].[Mailing] TO [mailing.service@Effectory.com]
GRANT UPDATE ON [Mailings].[Mailing] TO [MailingManager]
GRANT UPDATE ON [Mailings].[MailingAttachment] TO [mailing.service@Effectory.com]
GRANT UPDATE ON [Mailings].[MailingAttachment] TO [MailingManager]
GRANT UPDATE ON [Mailings].[MailingDisclaimer] TO [mailing.service@Effectory.com]
GRANT UPDATE ON [Mailings].[MailingDisclaimer] TO [MailingManager]
GRANT UPDATE ON [Mailings].[MailingTemplate] TO [mailing.service@Effectory.com]
GRANT UPDATE ON [Mailings].[MailingTemplate] TO [MailingManager]
GRANT UPDATE ON [Mailings].[MailingTemplateTypeNames] TO [mailing.service@Effectory.com]
GRANT UPDATE ON [Mailings].[MailingTemplateTypeNames] TO [MailingManager]
GRANT UPDATE ON [Mailings].[MailingTemplateTypes] TO [mailing.service@Effectory.com]
GRANT UPDATE ON [Mailings].[MailingTemplateTypes] TO [MailingManager]
GRANT UPDATE ON [Mailings].[MailingText] TO [mailing.service@Effectory.com]
GRANT UPDATE ON [Mailings].[MailingText] TO [MailingManager]
GRANT UPDATE ON [Mailings].[MailSP_Log] TO [mailing.service@Effectory.com]
GRANT UPDATE ON [Mailings].[MailSP_Log] TO [MailingManager]
GRANT UPDATE ON [Mailings].[SentMailings] TO [mailing.service@Effectory.com]
GRANT UPDATE ON [Mailings].[SentMailings] TO [MailingManager]
-- [-- TYPE LEVEL PERMISSIONS --] --
GRANT EXECUTE ON [dbo].[ParticipantIdTable] TO [Effectory-Core-MeasurementService]
GRANT EXECUTE ON [dbo].[RespondedParticipant] TO [response.service@Effectory.com]
-- [--DB LEVEL PERMISSIONS --] --
GRANT ALTER TO [SyncDemographicsWebJob]
GRANT CONNECT TO [BuildServer]
GRANT CONNECT TO [ClearConfirmedTeamsWebJob]
GRANT CONNECT TO [Effectory-Core-MeasurementService]
GRANT CONNECT TO [ERS]
GRANT CONNECT TO [GatherResponseWebJob]
GRANT CONNECT TO [GenerateFlexQuestionnaireWebjob]
GRANT CONNECT TO [HierarchyUserImport]
GRANT CONNECT TO [IntranetApps]
GRANT CONNECT TO [InviteExport]
GRANT CONNECT TO [InviteImport]
GRANT CONNECT TO [InviteReplication]
GRANT CONNECT TO [InviteResponseWebJob]
GRANT CONNECT TO [InviteTOuser]
GRANT CONNECT TO [MailingManager]
GRANT CONNECT TO [mailings_webapi]
GRANT CONNECT TO [mscrm_sync]
GRANT CONNECT TO [participant_import]
GRANT CONNECT TO [participant_validation]
GRANT CONNECT TO [projectcenter]
GRANT CONNECT TO [QuestionbaseWebservice]
GRANT CONNECT TO [QuestionnaireWebApi]
GRANT CONNECT TO [SurveyCenter]
GRANT CONNECT TO [SurveyWebJob]
GRANT CONNECT TO [SyncDemographicsWebJob]
GRANT DELETE TO [GatherResponseWebJob]
GRANT DELETE TO [InviteExport]
GRANT DELETE TO [projectcenter]
GRANT DELETE TO [SyncDemographicsWebJob]
GRANT EXECUTE TO [GatherResponseWebJob]
GRANT EXECUTE TO [InviteExport]
GRANT EXECUTE TO [InviteImport]
GRANT EXECUTE TO [InviteTOuser]
GRANT EXECUTE TO [MailingManager]
GRANT EXECUTE TO [mailings_webapi]
GRANT INSERT TO [GatherResponseWebJob]
GRANT INSERT TO [InviteExport]
GRANT INSERT TO [projectcenter]
GRANT INSERT TO [SyncDemographicsWebJob]
GRANT SELECT TO [GatherResponseWebJob]
GRANT SELECT TO [InviteExport]
GRANT SELECT TO [mailings_webapi]
GRANT SELECT TO [SyncDemographicsWebJob]
GRANT UNMASK TO [Effectory-Core-MeasurementService]
GRANT UNMASK TO [MailingManager]
GRANT UNMASK TO [mailings_webapi]
GRANT UNMASK TO [projectcenter]
GRANT UPDATE TO [GatherResponseWebJob]
GRANT UPDATE TO [InviteExport]
GRANT UPDATE TO [SyncDemographicsWebJob]
-- [--DB LEVEL SCHEMA PERMISSIONS --] --
GRANT ALTER ON SCHEMA::[dbo] TO [_Invite_Alter_Schema_]

File diff suppressed because it is too large Load Diff


@@ -31,7 +31,7 @@ Write-Host "====================================================================
$subscriptions = Get-AzSubscription | Where-Object State -eq "Enabled"
$fileName = "2021-11-24 azure_rbac.csv"
$fileName = "2022-08-05 azure_rbac.csv"
$fileExists = Test-Path $fileName
If ($fileExists -eq $True) {
Remove-Item $fileName


@@ -24,8 +24,8 @@ Write-Host "====================================================================
$subscriptions = Get-AzSubscription | Where-Object State -eq "Enabled"
$fileName = "c:\temp\2021-01-19 azure_resources.csv"
rm $fileName
$fileName = "c:\temp\2022-07-29 azure_resources.csv"
#rm $fileName
foreach ($subscription in $subscriptions)
{
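Review bot: With `rm $fileName` commented out in this hunk, a CSV left over from an earlier run with the same date is never removed. If the export further down (outside this hunk) appends to the file, as the web app overview script in this commit does with `Export-Csv -Append`, a rerun would duplicate every row. A guarded delete such as `if (Test-Path $fileName) { Remove-Item $fileName }` keeps reruns clean and avoids the error a bare `rm` raises when the file is missing. The `foreach` body continues outside the hunk.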


@@ -0,0 +1,113 @@
#Connect-AzAccount
class ResourceCheck {
[string] $ResourceId = ""
[string] $Kind = ""
[string] $Location = ""
[string] $ResourceName = ""
[string] $ResourceGroup = ""
[string] $ResourceType = ""
[string] $State = ""
[string] $SubscriptionId = ""
[string] $SubscriptionName = ""
[string] $Tag_Team = ""
[string] $Tag_Product = ""
[string] $Tag_Environment = ""
[string] $Tag_Data = ""
[string] $Tag_CreatedOnDate = ""
[string] $Prop_HttpsOnly = ""
[string] $Prop_PhpVersion = ""
[string] $Prop_RemoteDebuggingEnabled = ""
[string] $Prop_MinTlsVersion = ""
[string] $Prop_FtpsState = ""
}
Write-Host "======================================================================================================================================================================"
Write-Host "Creating webapp resource overview."
Write-Host "======================================================================================================================================================================"
$subscriptions = Get-AzSubscription | Where-Object State -eq "Enabled"
$fileName = "c:\temp\2022-08-04 azure_webapps.csv"
rm $fileName
foreach ($subscription in $subscriptions)
{
Write-Host "----------------------------------------------------------------------------------------------------------------------------------------------------------------------"
Set-AzContext -SubscriptionId $subscription.Id
Write-Host "----------------------------------------------------------------------------------------------------------------------------------------------------------------------"
$allResourceGroups = Get-AzResourceGroup
[ResourceCheck[]]$Result = @()
foreach ($group in $allResourceGroups) {
Write-Host $group.ResourceGroupName
$allWebApps = Get-AzWebApp -ResourceGroupName $group.ResourceGroupName
foreach ($webApp in $allWebApps) {
[ResourceCheck] $resourceCheck = [ResourceCheck]::new()
$resourceCheck.ResourceId = $webApp.Id
$resourceCheck.Kind = $webApp.Kind
$resourceCheck.Location = $webApp.Location
$resourceCheck.State = $webApp.State
$resourceCheck.ResourceName = $webApp.Name
$resourceCheck.ResourceGroup = $webApp.ResourceGroup
$resourceCheck.ResourceType = $webApp.Type
$resourceCheck.SubscriptionId = $subscription.Id
$resourceCheck.SubscriptionName = $subscription.Name
$resourceCheck.Tag_Team = $webApp.Tags.team
$resourceCheck.Tag_Product = $webApp.Tags.product
$resourceCheck.Tag_Environment = $webApp.Tags.environment
$resourceCheck.Tag_Data = $webApp.Tags.data
$resourceCheck.Tag_CreatedOnDate = $webApp.Tags.CreatedOnDate
$resourceCheck.Prop_HttpsOnly = $webApp.HttpsOnly
$resourceCheck.Prop_PhpVersion = $webApp.SiteConfig.PhpVersion
$resourceCheck.Prop_RemoteDebuggingEnabled = $webApp.SiteConfig.RemoteDebuggingEnabled
$resourceCheck.Prop_MinTlsVersion = $webApp.SiteConfig.MinTlsVersion
$resourceCheck.Prop_FtpsState = $webApp.SiteConfig.FtpsState
$Result += $resourceCheck
$allSlots = Get-AzWebAppSlot -Name $webApp.Name -ResourceGroupName $webApp.ResourceGroup
foreach ($slotTemp in $allSlots) {
[string] $slotName = $slotTemp.Name.Split("/")[1]
$slot = Get-AzWebAppSlot -Name $webApp.Name -ResourceGroupName $webApp.ResourceGroup -Slot $slotName
[ResourceCheck] $resourceCheck = [ResourceCheck]::new()
$resourceCheck.ResourceId = $slot.Id
$resourceCheck.Kind = $slot.Kind
$resourceCheck.Location = $slot.Location
$resourceCheck.State = $slot.State
$resourceCheck.ResourceName = $slot.Name
$resourceCheck.ResourceGroup = $slot.ResourceGroup
$resourceCheck.ResourceType = $slot.Type
$resourceCheck.SubscriptionId = $subscription.Id
$resourceCheck.SubscriptionName = $subscription.Name
$resourceCheck.Tag_Team = $slot.Tags.team
$resourceCheck.Tag_Product = $slot.Tags.product
$resourceCheck.Tag_Environment = $slot.Tags.environment
$resourceCheck.Tag_Data = $slot.Tags.data
$resourceCheck.Tag_CreatedOnDate = $slot.Tags.CreatedOnDate
$resourceCheck.Prop_HttpsOnly = $slot.HttpsOnly
$resourceCheck.Prop_PhpVersion = $slot.SiteConfig.PhpVersion
$resourceCheck.Prop_RemoteDebuggingEnabled = $slot.SiteConfig.RemoteDebuggingEnabled
$resourceCheck.Prop_MinTlsVersion = $slot.SiteConfig.MinTlsVersion
$resourceCheck.Prop_FtpsState = $slot.SiteConfig.FtpsState
$Result += $resourceCheck
}
}
}
$Result | Export-Csv -Path $fileName -Append -NoTypeInformation
}
Write-Host "======================================================================================================================================================================"
Write-Host "Done."
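Review bot: The web app rows may be missing their `Prop_*` values, because they are read from the objects returned by the list call `Get-AzWebApp -ResourceGroupName $group.ResourceGroupName`, whereas each slot is fetched again by name before its `SiteConfig` is read. If the list call returns apps without a fully populated `SiteConfig` (worth confirming against the Az.Websites version in use), the FTPS, TLS, PHP and remote-debugging columns come out empty for apps. An empty cell in an audit sheet is easy to read as "nothing to fix". Fetching each app by name first, `$app = Get-AzWebApp -ResourceGroupName $group.ResourceGroupName -Name $webApp.Name`, and reading the properties from `$app` would make the app rows as reliable as the slot rows.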


@@ -1,86 +0,0 @@
DROP LOGIN [BuildServer]
GO
DROP LOGIN [ClearConfirmedTeamsWebJob]
GO
DROP LOGIN [EceService]
GO
DROP LOGIN [GatherResponseWebJob]
GO
DROP LOGIN [GenerateFlexQuestionnaireWebjob]
GO
DROP LOGIN [HierarchyUserImport]
GO
DROP LOGIN [InviteImport]
GO
DROP LOGIN [InviteResponseWebJob]
GO
DROP LOGIN [MailingManager]
GO
DROP LOGIN [mailings_webapi]
GO
DROP LOGIN [projectcenter]
GO
DROP LOGIN [SSIS_Offboarding]
GO
DROP LOGIN [SyncDemographicsWebJob]
GO
DROP LOGIN [ERS]
GO
DROP LOGIN [IntranetApps]
GO
DROP LOGIN [Invite]
GO
DROP LOGIN [Inviteadm]
GO
DROP LOGIN [InviteReplication]
GO
DROP LOGIN [InviteTOuser]
GO
DROP LOGIN [mscrm_sync]
GO
DROP LOGIN [PowerBIGateway]
GO
DROP LOGIN [QuestionbaseWebservice]
GO
DROP LOGIN [SSIS_DatawarehouseExport]
GO
DROP LOGIN [SSIS_ErscExportAzureReporting]
GO
DROP LOGIN [SSISMaintenance]
GO
DROP LOGIN [SSISProjectData]
GO
DROP LOGIN [SSISUser]
GO
DROP LOGIN [SurveyCenter]
GO
DROP LOGIN [SurveyWebJob]
GO


@@ -1,11 +0,0 @@
DROP USER [participant_import]
GO
DROP USER [participant_validation]
GO
DROP USER [SSISMaintenance]
GO
DROP USER [SSISUser]
GO


@@ -7,24 +7,22 @@ function ApplyTeamTag (
[string] $subscriptionId,
[string] $tagValue) {
if ($global:currentSubs -ne $subscriptionId) {
if ($global:currentSubs -ne $subscriptionId)
{
Set-AzContext -SubscriptionId $subscriptionId
$global:currentSubs = $subscriptionId
}
try {
$tags = (Get-AzResource -ResourceId $resourceId).Tags
$tags.team = $tagValue
Update-AzTag -ResourceId $resourceId -Tag $tags -Operation Merge
try
{
$tags = (Get-AzResource -ResourceId $resourceId).Tags
$tags.team = $tagValue
Update-AzTag -ResourceId $resourceId -Tag $tags -Operation Merge
}
catch {
Write-Warning "Could not update $resourceId"
}
}
ApplyTeamTag -resourceId '/subscriptions/a134faf1-7a89-4f2c-8389-06d00bd5e2a7/resourceGroups/RespondentIntegrationEventSync/providers/Microsoft.KeyVault/vaults/RespondentEventSync' -subscriptionId 'a134faf1-7a89-4f2c-8389-06d00bd5e2a7' -tagValue 'orange'
function ApplyProductTag (
[string] $resourceId,
[string] $subscriptionId,


@@ -0,0 +1,3 @@
#Get-AzRoleDefinition 'Storage Data Contributor' | ConvertTo-Json
Set-AzRoleDefinition -InputFile 'C:\Repository\Cloud Engineering\Cloud Engineering\Custom roles\Storage Data Contributor.json'
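Review bot: The `-InputFile` argument is an absolute path into one workstation's checkout (`C:\Repository\...`), so from any other clone the script either fails or applies whatever copy of the role file happens to sit at that location. Resolving the file relative to the script, for example `Set-AzRoleDefinition -InputFile (Join-Path $PSScriptRoot '<relative path to Storage Data Contributor.json>')`, ties the applied definition to the commit being run. Because this call overwrites the permissions of a custom role, a comment telling the operator to compare the file with the output of the commented-out `Get-AzRoleDefinition ... | ConvertTo-Json` line before applying would also help.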


@@ -0,0 +1,82 @@
#Connect-AzAccount
class ResourceCheck {
[string] $ResourceId = ""
[string] $Kind = ""
[string] $Location = ""
[string] $ResourceName = ""
[string] $ResourceGroup = ""
[string] $ResourceType = ""
[string] $State = ""
[string] $SubscriptionId = ""
[string] $SubscriptionName = ""
[string] $Tag_Team = ""
[string] $Tag_Product = ""
[string] $Tag_Environment = ""
[string] $Tag_Data = ""
[string] $Tag_CreatedOnDate = ""
[string] $Prop_HttpsOnly = ""
[string] $Prop_PhpVersion = ""
[string] $Prop_NetFrameworkVersion = ""
[string] $Prop_WindowsFxVersion = ""
[string] $Prop_RemoteDebuggingEnabled = ""
[string] $Prop_MinTlsVersion = ""
[string] $Prop_FtpsState = ""
}
Write-Host "======================================================================================================================================================================"
Write-Host "Creating webapp resource overview."
Write-Host "======================================================================================================================================================================"
$subscriptions = Get-AzSubscription | Where-Object State -eq "Enabled"
foreach ($subscription in $subscriptions)
{
Write-Host "----------------------------------------------------------------------------------------------------------------------------------------------------------------------"
Set-AzContext -SubscriptionId $subscription.Id
Write-Host "----------------------------------------------------------------------------------------------------------------------------------------------------------------------"
$allResourceGroups = Get-AzResourceGroup
foreach ($group in $allResourceGroups) {
Write-Host "Resource group $($group.ResourceGroupName)"
$allWebApps = Get-AzWebApp -ResourceGroupName $group.ResourceGroupName
foreach ($webApp in $allWebApps) {
if (($webApp.SiteConfig.FtpsState -ne "Disabled") -and ($webApp.SiteConfig.FtpsState -ne "FtpsOnly")) {
Write-Host "Disable FTP $($webApp.Name)"
$x = Set-AzWebApp -Name $webApp.Name -ResourceGroupName $group.ResourceGroupName -FtpsState Disabled
}
if (($webApp.SiteConfig.PhpVersion -ne "off") -and ($webApp.SiteConfig.PhpVersion -ne "")) {
Write-Host "Disable PHP $($webApp.Name)"
$x = Set-AzWebApp -Name $webApp.Name -ResourceGroupName $group.ResourceGroupName -PhpVersion "off"
}
$allSlots = Get-AzWebAppSlot -Name $webApp.Name -ResourceGroupName $webApp.ResourceGroup
foreach ($slotTemp in $allSlots) {
[string] $slotName = $slotTemp.Name.Split("/")[1]
$slot = Get-AzWebAppSlot -Name $webApp.Name -ResourceGroupName $webApp.ResourceGroup -Slot $slotName
if (($slot.SiteConfig.FtpsState -ne "Disabled") -and ($webApp.SiteConfig.FtpsState -ne "FtpsOnly")) {
Write-Host "Disable FTP $($webApp.Name) - $($slotName)"
$y = Set-AzWebAppSlot -Name $webApp.Name -Slot $slotName -ResourceGroupName $group.ResourceGroupName -FtpsState Disabled
}
if (($slot.SiteConfig.PhpVersion -ne "") -and ($slot.SiteConfig.PhpVersion -ne "off")) {
Write-Host "Disable PHP $($webApp.Name) - $($slotName)"
$y = Set-AzWebAppSlot -Name $webApp.Name -Slot $slotName -ResourceGroupName $group.ResourceGroupName -PhpVersion "off"
}
}
}
}
}
Write-Host "======================================================================================================================================================================"
Write-Host "Done."
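Review bot: The slot FTPS check tests the parent app instead of the slot in its second clause: `($slot.SiteConfig.FtpsState -ne "Disabled") -and ($webApp.SiteConfig.FtpsState -ne "FtpsOnly")`. A slot that still allows plain FTP is skipped whenever its parent app is `FtpsOnly`, and a slot that is already `FtpsOnly` is switched to `Disabled` when the parent is not, unlike the app-level check above it. The condition should read `if (($slot.SiteConfig.FtpsState -ne "Disabled") -and ($slot.SiteConfig.FtpsState -ne "FtpsOnly")) {`. The `ResourceCheck` class declared at the top is not used in this script and could be dropped.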