-
Notifications
You must be signed in to change notification settings - Fork 1
/
Copy pathconfiguration.json
108 lines (108 loc) · 4.01 KB
/
configuration.json
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
{
"automation" : false,
"subscriptions" : [
],
"identity" : {
"taskOutputDirectory" : "./logs/identity_summary",
"availableTasks" : {
"ReportAssignments" : {
"Descripton" :"Report all assignments to a file, no settings",
"Parameters" : null
},
"ClearUserAssignments" : {
"Descripton" :"Remove all sub level USER role assignments",
"Parameters" : {
"deleteAssignments" : "Flag on whether to remove or not, overridden by automation if true"
}
},
"ClearInvalidPrincipals" : {
"Descripton" :"Remove any SP that does not have an AAD entry, no settings",
"Parameters" : null
}
},
"active_tasks" : {
"ReportAssignments" : null,
"ClearUserAssignments" : {
"deleteAssignments" : false
}
}
},
"groupCompliance" : {
"taskOutputDirectory" : "./logs/group_compliance",
"availableTasks" : {
"EnforceCompliance" : {
"Descripton" :"Remove resource groups that do not meet compliance",
"Parameters" : {
"required_tags" : "list of tag names that MUST exist on a group",
"ignored" : "list of lowercase names that start an rg name to ignore",
"delete_on_missing" : "Flag on whether to remove or not, overridden by automation if true"
}
},
"DeleteGroups" :{
"Descripton" :"Non automatable, remove specified groups from specified sub",
"Parameters" : {
"subscription" : "subscription id",
"groups" : "list of groups to remove from the sub"
}
}
},
"active_tasks" : {
"EnforceCompliance" : {
"required_tags": ["alias"],
"ignored" : ["cleanupservice", "defaultresourcegroup","networkwatcherrg", "visualstudioonline-", "cloud-shell-storage-"],
"delete_on_missing" : false
},
"DeleteGroups" : {
"subscription" : "Your Subscription ID",
"groups" : ["list of your group names in sub"]
}
}
},
"compute" : {
"taskOutputDirectory" : "./logs/compute_status",
"availableTasks" : {
"DeallocateUserCompute" : {
"Descripton" :"Deallocate VMs not in managed group",
"Parameters" : {
"include_managed_compute" : "boolean to look at managed compute as well",
"stop_running" : "Flag on whether to dealloate or not, overridden by automation if true"
}
}
},
"active_tasks" : {
"DeallocateUserCompute" : {
"include_managed_compute" : false,
"stop_running" : false
}
}
},
"keyvault" : {
"taskOutputDirectory" : "./logs/kevault_status",
"availableTasks" : {
"EnableSoftDelete" : {
"Descripton" :"Scans subscriptions and forces soft delete on for key vaults",
"Parameters" : null
}
},
"active_tasks" : {
"EnableSoftDelete" : null
}
},
"storage" : {
"taskOutputDirectory" : "./logs/storage_status",
"availableTasks" : {
"EnableSecurity" : {
"Descripton" :"Scans subscriptions for storage and optionally force updates public blob, logging, and https",
"Parameters" : {
"forceUpdate" : "Flag on whether to force security or not, overridden by automation if true"
}
}
},
"active_tasks" : {
"EnableSecurity" : {
"forceUpdate" : false,
"ignoredAccounts" : ["dciborowmmlsparkstore"]
}
}
}
}