-
Notifications
You must be signed in to change notification settings - Fork 2
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
- Loading branch information
Showing
1 changed file
with
215 additions
and
0 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,215 @@ | ||
| packs: | ||
| - uid: mondoo-asset-inventory-azure | ||
| name: Azure Asset Inventory Pack | ||
| version: 1.0.0 | ||
| authors: | ||
| - name: Mondoo, Inc | ||
| email: [email protected] | ||
| tags: | ||
| mondoo.com/platform: azure,cloud | ||
| mondoo.com/category: best-practices | ||
| docs: | ||
| desc: | | ||
| The Azure Asset Inventory by Mondoo query pack retrieves information about Azure subscriptions for asset inventory. | ||
| filters: | ||
| asset.platform == "azure" | ||
| platform.kind == "api" | ||
| queries: | ||
| - uid: mondoo-asset-inventory-azure-subscription-id | ||
| title: Retrieve Azure subscription ID | ||
| docs: | ||
| desc: | | ||
| This query retrieves the Azure subscription id | ||
| query: azure.subscription.id | ||
| - uid: mondoo-asset-inventory-azure-networks | ||
| title: Retrieve data on all securityGroups | ||
| docs: | ||
| desc: | | ||
| This query retrieves all of the configuration data for Azure securityGroups | ||
| query: azure.subscription.network.securityGroups { * } | ||
| - uid: mondoo-asset-inventory-azure-roleDefinitions | ||
| title: Retrieve data for all Azure roleDefinitions | ||
| docs: | ||
| desc: | | ||
| This query retrieves data for all Role definitions in the subscription | ||
| query: azure.subscription.authorizationService.roleDefinitions {*} | ||
| - uid: mondoo-asset-inventory-azure-cloudDefender | ||
| title: Retrieve data for all Azure CloudDefender | ||
| docs: | ||
| desc: | | ||
| This query retrieves data for cloudDefender | ||
| query: azure.subscription.cloudDefender {*} | ||
| - uid: mondoo-asset-inventory-azure-storageAccounts | ||
| title: Retrieve data for all Azure storage accounts | ||
| docs: | ||
| desc: | | ||
| This query retrieves data for all storage accounts | ||
| query: azure.subscription.storage.accounts {*} | ||
| - uid: mondoo-asset-inventory-azure-storageAccounts-containers | ||
| title: Retrieve data for all containers in Azure storage accounts | ||
| docs: | ||
| desc: | | ||
| This query retrieves data for all containers in storage accounts | ||
| query: azure.subscription.storage.accounts { containers {*} } | ||
| - uid: mondoo-asset-inventory-azure-storageAccounts-blobs | ||
| title: Retrieve data for all blobs in Azure storage accounts | ||
| docs: | ||
| desc: | | ||
| This query retrieves data for all blobs in storage accounts | ||
| query: azure.subscription.storage.accounts { blobProperties {*} } | ||
| - uid: mondoo-asset-inventory-azure-storageAccounts-tables | ||
| title: Retrieve data for all tables in Azure storage accounts | ||
| docs: | ||
| desc: | | ||
| This query retrieves data for all tables in storage accounts | ||
| query: azure.subscription.storage.accounts { tableProperties {*} } | ||
| - uid: mondoo-asset-inventory-azure-sqlServers | ||
| title: Retrieve data for all Azure sql servers | ||
| docs: | ||
| desc: | | ||
| This query retrieves data for all sql servers | ||
| query: azure.subscription.sql.servers {*} | ||
| - uid: mondoo-asset-inventory-azure-sqlServers-firewallrules | ||
| title: Retrieve data for all firewall rules in Azure sql servers | ||
| docs: | ||
| desc: | | ||
| This query retrieves data for all firewall rules in sql servers | ||
| query: azure.subscription.sql.servers { firewallRules } | ||
| - uid: mondoo-asset-inventory-azure-sqlServers-databases | ||
| title: Retrieve data for all databases in Azure sql servers | ||
| docs: | ||
| desc: | | ||
| This query retrieves data for all databases in sql servers | ||
| query: azure.subscription.sql.servers { databases } | ||
| - uid: mondoo-asset-inventory-azure-postgresql | ||
| title: Retrieve data for all Azure postgresql servers | ||
| docs: | ||
| desc: | | ||
| This query retrieves data for all postgresql servers | ||
| query: azure.subscription.postgresql.servers {*} | ||
| - uid: mondoo-asset-inventory-azure-postgresql-firewallrules | ||
| title: Retrieve data for all firewall rules in Azure postgresql servers | ||
| docs: | ||
| desc: | | ||
| This query retrieves data for all firewall rules in postgresql servers | ||
| query: azure.subscription.postgresql.servers { firewallRules } | ||
| - uid: mondoo-asset-inventory-azure-mysql | ||
| title: Retrieve data for all Azure MySQL servers | ||
| docs: | ||
| desc: | | ||
| This query retrieves data for all sql servers | ||
| query: azure.subscription.mysql.servers {*} | ||
| - uid: mondoo-asset-inventory-azure-mariaDb | ||
| title: Retrieve data for all Azure mariaDb servers | ||
| docs: | ||
| desc: | | ||
| This query retrieves data for all mariaDb servers | ||
| query: azure.subscription.mariaDb.servers {*} | ||
| - uid: mondoo-asset-inventory-azure-diagnosticSettings | ||
| title: Retrieve data for all Azure diagnostic Settings | ||
| docs: | ||
| desc: | | ||
| This query retrieves data for all diagnostic Settings | ||
| query: azure.subscription.monitor.diagnosticSettings {*} | ||
| - uid: mondoo-asset-inventory-azure-keyVaults | ||
| title: Retrieve data for all Azure Key Vaults | ||
| docs: | ||
| desc: | | ||
| This query retrieves data for all Key Vaults | ||
| query: azure.subscription.keyVault.vaults {*} | ||
| - uid: mondoo-asset-inventory-azure-keyVaults-keys | ||
| title: Retrieve data for all Azure Key Vaults keys | ||
| docs: | ||
| desc: | | ||
| This query retrieves data for all keys in Key Vaults | ||
| query: azure.subscription.keyVault.vaults { keys } | ||
| - uid: mondoo-asset-inventory-azure-keyVaults-secrets | ||
| title: Retrieve data for all Azure Key Vaults secrets | ||
| docs: | ||
| desc: | | ||
| This query retrieves data for all secrets in Key Vaults | ||
| query: azure.subscription.keyVault.vaults { secrets } | ||
| - uid: mondoo-asset-inventory-azure-keyVaults-certificates | ||
| title: Retrieve data for all Azure Key Vaults certificates | ||
| docs: | ||
| desc: | | ||
| This query retrieves data for all certificates in Key Vaults | ||
| query: azure.subscription.keyVault.vaults { certificates } | ||
| - uid: mondoo-asset-inventory-azure-activitylogs | ||
| title: Retrieve data for all Azure activity logs | ||
| docs: | ||
| desc: | | ||
| This query retrieves data for all activity logs | ||
| query: azure.subscription.monitor.activityLog {*} | ||
| - uid: mondoo-asset-inventory-azure-networkSecurityGroups | ||
| title: Retrieve data for all Azure network security groups | ||
| docs: | ||
| desc: | | ||
| This query retrieves data for all network security groups | ||
| query: azure.subscription.network.securityGroups {*} | ||
| - uid: mondoo-asset-inventory-azure-virtualmachines | ||
| title: Retrieve data for all Azure virtual machines | ||
| docs: | ||
| desc: | | ||
| This query retrieves data for all virtual machines | ||
| query: azure.subscription.compute.vms {*} | ||
| - uid: mondoo-asset-inventory-azure-virtualmachines-managedDisk | ||
| title: Retrieve data for all Azure virtual machines with managed disks | ||
| docs: | ||
| desc: | | ||
| This query retrieves data for all virtual machines with managed disks | ||
| query: azure.subscription.compute.vms.where( properties["storageProfile"]["osDisk"]["managedDisk"].length > 0 ) | ||
| - uid: mondoo-asset-inventory-azure-webapp | ||
| title: Retrieve data for all Azure web apps | ||
| docs: | ||
| desc: | | ||
| This query retrieves data for all web apps | ||
| query: azure.subscription.web.apps {*} | ||
| - uid: mondoo-asset-inventory-azure-cosmoDb | ||
| title: Retrieve data for all Azure cosmoDb accounts | ||
| docs: | ||
| desc: | | ||
| This query retrieves data for all cosmoDb accounts | ||
| query: azure.subscription.cosmosDb.accounts {*} | ||
| - uid: mondoo-asset-inventory-azure-applicationInsight | ||
| title: Retrieve data for all Azure applicationInsight | ||
| docs: | ||
| desc: | | ||
| This query retrieves data for all ApplicationInsight | ||
| query: azure.subscription.monitor.applicationInsights {*} | ||
| - uid: mondoo-asset-inventory-azure-networkWatcher | ||
| title: Retrieve data for all Azure network watchers | ||
| docs: | ||
| desc: | | ||
| This query retrieves data for all ApplicationInsight | ||
| query: azure.subscription.network.watchers {*} | ||
| - uid: mondoo-asset-inventory-azure-bastionHosts | ||
| title: Retrieve data for all Azure bastionHosts | ||
| docs: | ||
| desc: | | ||
| This query retrieves data for all bastionHosts | ||
| query: azure.subscription.network.bastionHosts {*} | ||
| - uid: mondoo-asset-inventory-azure-compute-disks | ||
| title: Retrieve data for all compute disks under the subscription | ||
| docs: | ||
| desc: | | ||
| This query retrieves data for all compute disks available in the subscription | ||
| query: azure.subscription.compute.disks {*} | ||
| - uid: mondoo-asset-inventory-azure-network-interfaces | ||
| title: Retrieve data for all network interfaces | ||
| docs: | ||
| desc: | | ||
| This query retrieves data for all network interfaces | ||
| query: azure.subscription.network.interfaces {*} | ||
| - uid: mondoo-asset-inventory-azure-resourcegroups | ||
| title: Retrieve data for all resource groups inside the subscription | ||
| docs: | ||
| desc: | | ||
| This query retrieves data for all resource groups inside the subscription | ||
| query: azure.subscription.resourceGroups {*} | ||
| - uid: mondoo-asset-inventory-azure-resources | ||
| title: Retrieve data for all resources inside the subscription | ||
| docs: | ||
| desc: | | ||
| This query retrieves data for all resources inside the subscription | ||
| query: azure.subscription.resources {*} |