Workloads/Get-AssessmentMetadata.ps1
|
# Get-AssessmentMetadata.ps1 # Collects tenant metadata and Secure Score. # Part of the M365-QuickAssess module -- not exported. function Get-AssessmentMetadata { param ( $Assessment ) # ------------------------------------------------------------------- # Tenant Metadata # ------------------------------------------------------------------- try { Write-Log "Collecting tenant metadata" $org = Get-MgOrganization -ErrorAction Stop $Assessment.Metadata.TenantName = $org.DisplayName $Assessment.Metadata.TenantId = $org.Id $Assessment.Metadata.AssessmentDate = ( Get-Date ).ToString("o") $Assessment.Summary.CustomDomainCount = ( $org.VerifiedDomains | Where-Object { $_.IsInitial -ne $true } ).Count Write-Log "Tenant: $( $org.DisplayName ) ($( $org.Id ))" } catch { Write-Log "Tenant metadata collection failed: $( $_.Exception.Message )" "ERROR" throw } # ------------------------------------------------------------------- # Secure Score # ------------------------------------------------------------------- try { Write-Log "Collecting Secure Score" $score = Get-MgSecuritySecureScore -Top 1 -ErrorAction Stop if ( $score ) { $current = [math]::Round( $score.CurrentScore, 2 ) $max = [math]::Round( $score.MaxScore, 2 ) $percent = 0 if ( $max -gt 0 ) { $percent = [math]::Round( ( $current / $max ) * 100, 2 ) } $Assessment.Metadata.SecureScore = $current $Assessment.Metadata.SecureScoreMax = $max $Assessment.Metadata.SecureScorePercent = $percent Write-Log "Secure Score: $current / $max ($percent%)" # ------------------------------------------------------------------- # Finding: Low Secure Score # ------------------------------------------------------------------- if ( $percent -lt 50 ) { $Assessment.Findings += New-Finding ` -Type "LowSecureScore" ` -Summary "Secure Score is below 50% ($percent%)" ` -Category "Security" ` -Severity "High" ` -Impact "A low Secure Score indicates significant security gaps that increase risk during and after migration." ` -Recommendation "Review Microsoft Secure Score recommendations and address high-impact items before migration." } elseif ( $percent -lt 70 ) { $Assessment.Findings += New-Finding ` -Type "ModerateSecureScore" ` -Summary "Secure Score is below 70% ($percent%)" ` -Category "Security" ` -Severity "Medium" ` -Impact "Moderate security posture -- some risks may need addressing before or during migration." ` -Recommendation "Review Microsoft Secure Score recommendations and address medium-impact items." } } else { Write-Log "Secure Score returned no data" "WARN" } } catch { Write-Log "Secure Score collection failed: $( $_.Exception.Message )" "WARN" } } |