modules/Azure/Checks/Test-KeyvaultRbacEnabled.ps1
```powershell
function Test-KeyvaultRbacEnabled {
    <#
    .SYNOPSIS
        Key Vault uses Azure RBAC for access control
    .DESCRIPTION
        **Azure Key Vault** uses the **Azure RBAC permission model** for data-plane access to keys, secrets, and certificates, rather than legacy access policies.
        Evaluates whether data access is managed through role assignments at the vault.
    .PARAMETER Check
        CIEMCheck object containing check metadata.
    #>
    [CmdletBinding()]
    [OutputType([PSCustomObject[]])]
    param(
        [Parameter(Mandatory)]
        $Check
    )

    $ErrorActionPreference = 'Stop'

    # TODO: Implement check logic based on Prowler check: keyvault_rbac_enabled
    [CIEMScanResult]::Create($Check, 'MANUAL', 'This check requires manual implementation. See Prowler check keyvault_rbac_enabled for reference.', 'N/A', 'keyvault Resources')
}
```
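One way the evaluation described in the check's description could work, as an added example that is not the module's own code: it reads the `properties.enableRbacAuthorization` flag from Key Vault resources in the shape ARM returns them. The function name `Get-KeyVaultRbacFinding`, the output object shape and the sample vaults are assumptions constructed for illustration.

```powershell
# Added illustration; not part of the module. Name and output shape are hypothetical.
function Get-KeyVaultRbacFinding {
    [CmdletBinding()]
    [OutputType([PSCustomObject])]
    param(
        # One Microsoft.KeyVault/vaults resource, already parsed from ARM JSON.
        [Parameter(Mandatory, ValueFromPipeline)]
        [PSCustomObject]$Vault
    )
    process {
        $props = $Vault.properties
        # Assumption: a missing or null flag is reported as FAIL, because the
        # vault cannot be shown to use the RBAC permission model.
        $rbac = $props.enableRbacAuthorization -eq $true
        # Count legacy access policies; @($null).Count would be 1, so guard first.
        $policyCount = if ($props.accessPolicies) { @($props.accessPolicies).Count } else { 0 }
        $message = if ($rbac) {
            "Key Vault $($Vault.name) uses the Azure RBAC permission model."
        } else {
            "Key Vault $($Vault.name) uses access policies ($policyCount defined) instead of Azure RBAC."
        }
        [PSCustomObject]@{
            Status       = if ($rbac) { 'PASS' } else { 'FAIL' }
            ResourceId   = $Vault.id
            ResourceName = $Vault.name
            Message      = $message
        }
    }
}

# Constructed sample data: three vaults covering enabled, disabled and unset.
$sampleJson = @'
[
  { "id": "/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/rg-demo/providers/Microsoft.KeyVault/vaults/kv-rbac",
    "name": "kv-rbac",
    "properties": { "enableRbacAuthorization": true, "accessPolicies": [] } },
  { "id": "/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/rg-demo/providers/Microsoft.KeyVault/vaults/kv-legacy",
    "name": "kv-legacy",
    "properties": { "enableRbacAuthorization": false,
      "accessPolicies": [ { "objectId": "11111111-1111-1111-1111-111111111111", "permissions": { "secrets": [ "get", "list" ] } } ] } },
  { "id": "/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/rg-demo/providers/Microsoft.KeyVault/vaults/kv-unset",
    "name": "kv-unset",
    "properties": { "accessPolicies": [] } }
]
'@

$vaults = $sampleJson | ConvertFrom-Json
$vaults | Get-KeyVaultRbacFinding | Format-Table Status, ResourceName, Message -Wrap
```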