Secure DevOps Kit for Azure (AzSK) is being phased out through FY21. AzSK is transitioning to a more scalable and robust solution called Azure Tenant Security scanner (AzTS), which is based on Azure Functions and a central scan model where scans are performed via a managed identity with Reader access to subscriptions configured at management group level. This new approach helps us scale efficiently, with less process overhead, while keeping the same level of visibility into the compliance of several thousand subscriptions. It is also designed to help accelerate our migration to native security offerings in Azure such as Policy, Security Center, Management Groups, Azure Resource Graph, etc.
- Download the PowerShell scripts from here (https://github.com/azsk/AzTS-docs/blob/main/TemplateFiles/DeploymentFiles.zip?raw=1)
$MIHostingSubId, $HostSubscriptionId - your subscription ID
$MIHostingRGName, $HostResourceGroupName - resource group name
$Location = "East Asia"
$MIName = "Name of the Scanner MI"
$TargetSubscriptionIds - your subscription ID
$AzureEnvironmentName = "AzureCloud" or others
$SendAlertNotificationToEmailIds = the email address that receives notifications
5. When you open the web app, the data is still blank.
Remember to run the PowerShell command below; it takes around 15 minutes.
Start-AzSKTenantSecuritySolutionOnDemandScan -SubscriptionId $HostSubscriptionId1 -ScanHostRGName $HostResourceGroupName1
When execution finishes, the following message is displayed:
"Subscriptions have been queued for scan. The scan result will be available in the next 2 hours."