Comments (3)
after the install script you need to change your files and then use the "update" cmdlet to change them
Update-AzSKOrganizationPolicy `
-AppInsightLocation $location `
-MonitoringDashboardLocation $location `
-AppInsightName $AppInsightsName `
-OrgName $Organization `
-PolicyFolderPath $PolicyFolder `
-ResourceGroupName $ResourceGroup `
-StorageAccountName $StorageAccountName `
-SubscriptionId $AzureSubscriptionId `
-DoNotOpenOutputFolder
from devopskit.
Thanks @Plork for the prompt reply. Did run this command as per your suggestion. Here is what I've got instead:
> Update-AzSKOrganizationPolicy -AppInsightName $AppInsightsName -OrgName $Organization -PolicyFolderPath $PolicyFolder -ResourceGroupName $ResourceGroup -StorageAccountName $StorageAccountName -SubscriptionId $SubId -AppInsightLocation $location -MonitoringDashboardLocation $location -DoNotOpenOutputFolder
================================================================================
AzSK Version: 3.15.0
================================================================================
Method Name: Update-AzSKOrganizationPolicy (UOP)
Input Parameters:
Name Alias Value
---- ----- -----
AppInsightName
OrgName Test-AK
PolicyFolderPath /Users/user1/.azsk/policies
ResourceGroupName AK-AzSK-Test-001
StorageAccountName XXXXXXXXXXXXX001
SubscriptionId XXXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXXX
AppInsightLocation eastus2
MonitoringDashboardLocation eastus2
DoNotOpenOutputFolder True
You can also use: uop -AppInsightName -OrgName Test-AK -PolicyFolderPath /Users/user1/.azsk/policies -ResourceGroupName AK-AzSK-Test-001 -StorageAccountName XXXXXXXXXXX001 -SubscriptionId XXXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXXX -AppInsightLocation eastus2 -MonitoringDashboardLocation eastus2 -DoNotOpenOutputFolder
================================================================================
Running AzSK cmdlet using a generic (org-neutral) policy...
InvalidOperation: Multiple storage accounts found in resource group: [AK-AzSK-Test-001]. This is not expected. Please contact support team.
================================================================================
Logs have been exported to: '/Users/user1/.local/share/Microsoft/AzSKLogs/Sub_Enterprise/20190812_084624_UOP'
================================================================================
/Users/user1/.local/share/Microsoft/AzSKLogs/Sub_Enterprise/20190812_084624_UOP
>
Just to be on the safe side. The documentation does not say that I have to ru 'update' directive. Here is what it says:
You may want to change this message to something more detailed. (Or even use this as a mechanism to notify all users within the org about something related to AzSK that they need to attend to immediately.) In this example let us just make a simple change to this message. We will just add '*' characters on either side of the 'Contoso-IT' so it stands out a bit.
Steps:
i) Open the AzSk.json from your local org-policy folder
ii) Edit the value for "Policy Message" field by adding 3 '*' characters on each side of 'Contoso-IT' as under:
"PolicyMessage" : "Running AzSK cmdlet using *** Contoso-IT *** policy"
iii) Save the file
iv) Run the policy setup command (the same command you ran for the first-time setup)
Testing:
The updated policy is now on the policy server.
So...it says to run policy setup
command instead. I am confused...
from devopskit.
I had a similar problem to this on PowershellCore on Mac and Linux (and later noticed AzSK's supported PSEdition does not include 'core'). I was able to get Install-AzSKOrganizationPolicy to work by changing some mode bits and path separators. See this fork: https://github.com/gfrascadorio/BWAzSKDevOpsKit.git
from devopskit.
Related Issues (20)
- ARMTemplateChecker - Enable Azure AD admin for the SQL Database - False positive with linked templates HOT 2
- Feature Request exclude passed controli ds from log
- Override values for Azsk.Azdo
- Support AzSKARMTemplateChecker task on Ubuntu agent HOT 1
- Secure DevOps Kit (AzSK) CICD Extensions - AzSKARMTemplateChecker task fails if template does not contain supported resources HOT 2
- Fail to upgrade Org Policy with AzSK from 4.4.0 to 4.10.0 HOT 3
- Azure_Storage_DP_Encrypt_In_Transit Failing unused property in Storage Account Blobservices ARM Template HOT 1
- Not showing azsk monitoring solution in Azure log analytics workspace HOT 1
- Azure_AppService_Audit_Enable_Logging_and_Monitoring fails when two Diagnostics settings are configured, but only one has all required logs enabled HOT 2
- Bypass 'Get-AzSKAzureServicesSecurityStatus' cmdlet's confirmation prompt for attestation HOT 2
- AzSK version 4.12 Security Status Report does not create SecurityEvaluationData json
- Module not catalog signed HOT 1
- AzSK 4.14 Install-AzSKContinuousAssuranceForCluster: Any way to run in a non-interactive mode
- Installation error HOT 1
- Logic app accesscontrol validations HOT 1
- Enable Eventhub output for Central CAs HOT 2
- Support for Azure Blueprints? HOT 1
- AzTS exceptions - System.ArgumentException: Requested value 'CDN' was not found. HOT 2
- Intermittent Error Thrown-Unable to deserialize the response. HOT 5
- APIM ARM template generated using Azure CLI dotnet command is giving error while deploying through Azure devops
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from devopskit.