rules/Azure.Automation.Rule.ps1
# Copyright (c) Microsoft Corporation. # Licensed under the MIT License. # # Validation rules for Automation Accounts # # Synopsis: Ensure variables are encrypted Rule 'Azure.Automation.EncryptVariables' -Type 'Microsoft.Automation/automationAccounts' -Tag @{ release = 'GA' } { $variables = GetSubResources -ResourceType 'Microsoft.Automation/automationAccounts/variables' if ($variables.Length -eq 0) { return $True; } foreach ($var in $variables) { $var.properties.isEncrypted -eq $True } } # Synopsis: Ensure webhook expiry is not longer than one year Rule 'Azure.Automation.WebHookExpiry' -Type 'Microsoft.Automation/automationAccounts' -Tag @{ release = 'GA' } { $webhooks = GetSubResources -ResourceType 'Microsoft.Automation/automationAccounts/webhooks' if ($webhooks.Length -eq 0) { return $True; } foreach ($webhook in $webhooks) { $days = [math]::Abs([int]((Get-Date) - $webhook.properties.expiryTime).Days) $days -lt 365 } } |