Private/Baseline/Import-AlzBaseline.ps1
|
function Import-AlzBaseline { <# .SYNOPSIS Import Azure Landing Zones baseline policies from AzAdvertizer CSV. .DESCRIPTION Filters CSV data to extract policies belonging to specified ALZ initiatives. Returns baseline policy objects with source tracking. .PARAMETER CsvData Array of CSV rows from AzAdvertizer. .PARAMETER SelectedInitiatives Array of initiative keys/names to include. Empty = all initiatives. .PARAMETER AlzInitiatives Hashtable of ALZ initiatives from Get-AlzInitiatives. .PARAMETER OutputFolder Optional folder to export detected initiatives list. .EXAMPLE $alzBaseline = Import-AlzBaseline -CsvData $polCsv -AlzInitiatives $alzInit -SelectedInitiatives @("LZ-CORP") .OUTPUTS Array of policy baseline objects #> [CmdletBinding()] param( [Parameter(Mandatory = $true)] [object[]]$CsvData, [string[]]$SelectedInitiatives = @(), [Parameter(Mandatory = $true)] [hashtable]$AlzInitiatives, [string]$OutputFolder ) # Determine which initiatives to keep [string[]]$initKeysToKeep = @() if ($SelectedInitiatives.Count -gt 0) { foreach ($k in $AlzInitiatives.Keys) { $itm = $AlzInitiatives[$k] if ($SelectedInitiatives -contains $k -or $SelectedInitiatives -contains $itm.DisplayName -or ($itm.Code -and ($SelectedInitiatives -contains $itm.Code))) { $initKeysToKeep += $k } } if ($initKeysToKeep.Count -eq 0) { $available = $AlzInitiatives.Keys -join ', ' throw "None of the specified initiatives found in CSV. Available: $available" } } else { $initKeysToKeep = $AlzInitiatives.Keys } # Export detected initiatives if output folder provided if ($OutputFolder) { $alzInitPath = Join-Path $OutputFolder "ALZ_Initiatives_Detected.csv" $AlzInitiatives.GetEnumerator() | Sort-Object Name | ForEach-Object { [pscustomobject]@{ InitiativeKey = $_.Key DisplayName = $_.Value.DisplayName Code = $_.Value.Code } } | Export-Csv -Path $alzInitPath -NoTypeInformation -Encoding UTF8 } # Extract baseline policies $alzBaseline = @() foreach ($row in $CsvData) { $used = [string]$row.policyUsedInPolicySet if ([string]::IsNullOrWhiteSpace($used)) { continue } $include = $false foreach ($p in ($used -split ';')) { $p2 = $p.Trim() if (-not ($p2 -like '* ALZ')) { continue } # Check if this policy belongs to selected initiatives if ($p2 -match '^(?<disp>.+?)\s*\((?<code>[^)]+)\)\s*ALZ$') { $disp = $Matches['disp'].Trim() $code = $Matches['code'].Trim() $key = if ($code) { $code } else { $disp } if ($initKeysToKeep -contains $key -or $initKeysToKeep -contains $disp -or $initKeysToKeep -contains $code) { $include = $true break } } else { $disp = $p2.Substring(0, $p2.Length - 4).Trim() if ($initKeysToKeep -contains $disp) { $include = $true break } } } if ($include) { $alzBaseline += [pscustomobject]@{ PolicyDefinitionId = $row.policyId PolicyDisplayName = $row.policyName PolicyType = $row.policyType Category = $row.Category Version = $row.policyVersion BaselineSources = "ALZ" Effect = $null } } } return $alzBaseline } |