This directory contains a comprehensive collection of PowerShell scripts for generating inventory and reporting data across various platforms and services. Each script produces timestamped CSV exports with detailed information for analysis, compliance, and governance purposes.

📋 Table of Contents

Azure Scripts
Azure DevOps Scripts
Entra ID (Azure AD) Scripts
Security & Vulnerability Scripts
SQL Database Scripts
Application-Specific Scripts
Prerequisites
Usage Guidelines

🔵 Azure Scripts

Resource Inventory & Management

Script	Description	Output
Resources.ps1	Comprehensive Azure resource inventory across all subscriptions	CSV with resource metadata, tags, managed identities
AzureRBAC.ps1	RBAC assignment analysis with PIM detection across Azure hierarchy	CSV with assignment details, PIM status, scope analysis
ManagementGroups.ps1	Management group hierarchy and subscription mapping	CSV with organizational structure

Storage & Data

Script	Description	Output
AzureStorageBlobList.ps1	Blob storage inventory across storage accounts	CSV with blob details, metadata, access tiers
AzureStorageTableListEntities.ps1	Table storage entity enumeration	CSV with table entities and properties

Security & Access

Script	Description	Output
KeyVaults.ps1	Key Vault inventory with configuration details	CSV with vault properties, access policies
KeyVaultAccessPolicies.ps1	Detailed Key Vault access policy analysis	CSV with permission mappings
KeyVaultNonRBACSecrets.ps1	Non-RBAC managed Key Vault secrets inventory	CSV with legacy access policy secrets
Certificates.ps1	Certificate inventory across Key Vaults	CSV with certificate details, expiration dates
AzurePIM.ps1	Privileged Identity Management assignments	CSV with PIM role assignments and status

Networking & Applications

Script	Description	Output
WebApps.ps1	App Service and Web App inventory	CSV with app configurations, settings
FrontDoorRoutes.ps1	Azure Front Door routing configuration	CSV with route mappings and rules
ServiceBus.ps1	Service Bus namespaces and entity inventory	CSV with queues, topics, subscriptions

Monitoring & Alerts

Script	Description	Output
AlertRules.ps1	Azure Monitor alert rules inventory	CSV with alert configurations
AppInsightsWorkspace.ps1	Application Insights workspace details	CSV with workspace configurations

🔵 Azure DevOps Scripts

Script	Description	Output
Repositories.ps1	Repository inventory with last pull request details	CSV with repo metadata, recent PR info
PullRequests.ps1	Pull request history and statistics	CSV with PR details, reviewers, completion data
Pipelines.ps1	Build and release pipeline inventory	CSV with pipeline configurations
ServiceConnections.ps1	Service connection inventory and status	CSV with connection details, permissions
RepositoriesWithTestAccept.ps1	Repositories with specific testing configurations	CSV with test acceptance criteria
renovate-stats.ps1	Renovate bot statistics and dependency updates	CSV with update metrics

🟢 Entra ID (Azure AD) Scripts

Script	Description	Output
GroupMemberships.ps1	Recursive group membership analysis with circular reference detection	CSV with complete membership hierarchy
UserLastLoginList.ps1	User last login analysis for group members	CSV with login activity and user status

🔴 Security & Vulnerability Scripts

Snyk Integration

Script	Description	Output
SnykOverview.ps1	Comprehensive Snyk organization and project inventory	CSV with project metadata, vulnerability counts
SBOM.ps1	Software Bill of Materials generation with enhanced package metadata	CSV with dependency details, vulnerability data, deprecation status

🟡 SQL Database Scripts

Script	Description	Output
SQLUserCheck.ps1	Multi-server SQL database user audit with authentication analysis	CSV with user accounts, permissions, authentication types

🟣 Application-Specific Scripts

MyEffectory

Script	Description	Output
GroupMappingsCheck.ps1	Application-specific group mapping validation	CSV with mapping configurations

📋 Prerequisites

Required PowerShell Modules

# Azure modules
Install-Module Az.Accounts, Az.Resources, Az.Storage, Az.KeyVault, Az.Monitor
Install-Module Microsoft.Graph.Identity.Governance

# Azure DevOps
Install-Module VSTeam

# SQL Server
Install-Module SqlServer

# Microsoft Graph
Install-Module Microsoft.Graph.Users, Microsoft.Graph.Groups

Authentication Requirements

Azure: Connect-AzAccount with appropriate RBAC permissions
Microsoft Graph: Connect-MgGraph with required scopes
Azure DevOps: Personal Access Token or OAuth authentication
SQL Server: Azure AD authentication or SQL authentication

Permission Requirements

Platform	Required Permissions
Azure	Reader or higher on target resources, PIM Admin for PIM detection
Entra ID	Directory Reader, Group Member Read permissions
Azure DevOps	Project Reader, Repository Read permissions
SQL Server	Database Reader, View Server State permissions
Snyk	API token with Organization Read permissions

🚀 Usage Guidelines

Basic Execution

# Run any script directly
.\Azure\Resources.ps1
.\DevOps\Repositories.ps1
.\Entra\GroupMemberships.ps1

With Parameters (where supported)

# Single subscription analysis
.\Azure\AzureRBAC.ps1 -SubscriptionId "your-subscription-id"

# Enable detailed debugging
.\Azure\AzureRBAC.ps1 -DetailedDebug

# Custom organization/project
.\DevOps\Repositories.ps1 -Organization "myorg" -Project "myproject"

Output Management

All scripts generate timestamped CSV files in the format:

YYYY-MM-DD HHMM script_description.csv

Best Practices

Pre-Authentication: Ensure proper authentication before running scripts
Permissions: Verify required permissions for target resources
Network Connectivity: Ensure access to required APIs and services
Output Storage: Consider output file locations and security
Scheduling: Many scripts are suitable for scheduled execution
Error Handling: Review script output for any errors or warnings

Troubleshooting

Authentication Issues: Verify token expiration and scope permissions
API Throttling: Some scripts may encounter rate limits with large datasets
Permission Errors: Ensure service principals or user accounts have sufficient privileges
Network Connectivity: Verify access to required endpoints and APIs

📊 Output Analysis

Common CSV Columns

Most scripts include standardized columns for:

Timestamps: Creation and modification dates
Identifiers: Unique IDs, names, and references
Governance: Tags, ownership, environment classification
Security: RBAC assignments, permissions, authentication types
Metadata: Configuration details, status information

Integration Options

Power BI: Direct CSV import for dashboard creation
Excel: Advanced filtering and pivot table analysis
Database: Bulk import for historical trending
Automation: Scheduled execution with result processing

🔄 Maintenance

Regular Updates

Module Versions: Keep PowerShell modules updated
API Changes: Monitor for service API modifications
Permission Changes: Verify continued access to required resources
Script Enhancements: Check for new features and improvements

Version Control

All scripts are maintained under version control with:

Change tracking and history
Documentation updates
Testing and validation
Community contributions

📞 Support

For issues, questions, or contributions:

Review script help documentation (Get-Help .\ScriptName.ps1 -Full)
Check error messages and troubleshooting sections
Verify prerequisites and permissions
Consult platform-specific documentation

Last Updated: October 31, 2025 Script Collection Version: 2.0