{"id":34625365,"url":"https://github.com/ethanolivertroy/azure-cloud-shell-audit","last_synced_at":"2026-04-17T03:32:31.017Z","repository":{"id":296933961,"uuid":"995059386","full_name":"ethanolivertroy/azure-cloud-shell-audit","owner":"ethanolivertroy","description":null,"archived":false,"fork":false,"pushed_at":"2025-12-14T08:17:04.000Z","size":423,"stargazers_count":0,"open_issues_count":0,"forks_count":0,"subscribers_count":0,"default_branch":"main","last_synced_at":"2025-12-16T12:17:53.733Z","etag":null,"topics":["azure","cloud-shell","compliance","fedramp"],"latest_commit_sha":null,"homepage":"","language":"PowerShell","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"other","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/ethanolivertroy.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":"audit.ps1","citation":null,"codeowners":".github/CODEOWNERS","security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null,"notice":null,"maintainers":null,"copyright":null,"agents":null,"dco":null,"cla":null}},"created_at":"2025-06-02T22:53:56.000Z","updated_at":"2025-12-14T08:17:07.000Z","dependencies_parsed_at":"2025-06-08T01:47:19.651Z","dependency_job_id":null,"html_url":"https://github.com/ethanolivertroy/azure-cloud-shell-audit","commit_stats":null,"previous_names":["ethanolivertroy/azure-cloud-shell-audit"],"tags_count":0,"template":false,"template_full_name":null,"purl":"pkg:github/ethanolivertroy/azure-cloud-shell-audit","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ethanolivertroy%2Fazure-cloud-shell-audit","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ethanolivertroy%2Fazure-cloud-shell-audit/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ethanolivertroy%2Fazure-cloud-shell-audit/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ethanolivertroy%2Fazure-cloud-shell-audit/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/ethanolivertroy","download_url":"https://codeload.github.com/ethanolivertroy/azure-cloud-shell-audit/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ethanolivertroy%2Fazure-cloud-shell-audit/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":31913605,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-04-16T18:22:33.417Z","status":"online","status_checked_at":"2026-04-17T02:00:06.879Z","response_time":62,"last_error":null,"robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":true,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["azure","cloud-shell","compliance","fedramp"],"created_at":"2025-12-24T15:54:16.993Z","updated_at":"2026-04-17T03:32:31.011Z","avatar_url":"https://github.com/ethanolivertroy.png","language":"PowerShell","funding_links":[],"categories":[],"sub_categories":[],"readme":"# Azure Cloud Shell Security Audit Tool\n\nA comprehensive security audit script designed to run directly in Azure Cloud Shell, checking for compliance with FedRAMP and NIST 800-53 standards while assessing impacts to the CIA (Confidentiality, Integrity, Availability) triad.\n\n## Overview\n\nThis tool helps security engineers:\n- Assess Azure environments against FedRAMP High baseline controls\n- Map findings to NIST 800-53 Rev 5 controls\n- Evaluate security risks using the CIA triad framework\n- Generate actionable remediation guidance\n- Produce compliance reports in multiple formats\n\n\u003cimg src=\"graphic.webp\" width=\"500\"\u003e\n\n## Quick Start\n\n1. Open [Azure Cloud Shell](https://shell.azure.com) (PowerShell mode)\n2. Clone this repository:\n   ```powershell\n   git clone https://github.com/your-org/azure-cloud-shell-audit.git\n   cd azure-cloud-shell-audit\n   ```\n3. Run the audit:\n   ```powershell\n   ./audit.ps1 -SubscriptionId \"your-subscription-id\"\n   ```\n\n## Features\n\n### Security Control Coverage\n- **Access Control (AC)**: Account management, access enforcement, least privilege, information flow\n- **Audit \u0026 Accountability (AU)**: Audit events, log retention, monitoring, protection of audit information\n- **System \u0026 Communications Protection (SC)**: Encryption, network security, boundary protection, transmission integrity\n- **System \u0026 Information Integrity (SI)**: Flaw remediation, malicious code protection, integrity monitoring, input validation\n- **Identification \u0026 Authentication (IA)**: Multi-factor authentication, identity management\n- **Incident Response (IR)**: Incident handling, monitoring, reporting, response planning\n- **Configuration Management (CM)**: Baseline configuration, change control, component inventory\n- **Risk Assessment (RA)**: Risk assessment process, vulnerability scanning, risk response\n- **Media Protection (MP)**: Secure media transport and handling\n\n### CIA Triad Assessment\nEach finding includes impact ratings for:\n- **Confidentiality**: Risk of unauthorized data disclosure\n- **Integrity**: Risk of unauthorized data modification\n- **Availability**: Risk of service disruption\n\n### Compliance Mapping\n- FedRAMP High baseline controls\n- NIST 800-53 Rev 5 control families\n- Azure-specific implementation guidance\n\n## Usage Examples\n\n### Basic Audit\n```powershell\n# Audit entire subscription\n./audit.ps1 -SubscriptionId \"12345678-1234-1234-1234-123456789012\"\n```\n\n### Targeted Control Assessment\n```powershell\n# Audit only Access Control and Audit families\n./audit.ps1 -SubscriptionId \"12345678-1234-1234-1234-123456789012\" -Controls \"AC-*,AU-*\"\n```\n\n### CIA-Focused Assessment\n```powershell\n# Focus on high confidentiality impact controls\n./audit.ps1 -SubscriptionId \"12345678-1234-1234-1234-123456789012\" -AssessmentType CIA\n```\n\n### Custom Output Format\n```powershell\n# Generate JSON report for automation\n./audit.ps1 -SubscriptionId \"12345678-1234-1234-1234-123456789012\" -OutputFormat JSON\n```\n\n### Azure Policy Integration\n```powershell\n# Check current policy compliance\n./audit.ps1 -SubscriptionId \"12345678-1234-1234-1234-123456789012\" -EnablePolicyCompliance\n\n# Enable continuous compliance monitoring\n./audit.ps1 -SubscriptionId \"12345678-1234-1234-1234-123456789012\" -EnableContinuousCompliance -NotificationEmail \"security@company.com\"\n```\n\n### Advanced Usage Examples\n```powershell\n# Comprehensive audit with all features\n./audit.ps1 -SubscriptionId \"12345678-1234-1234-1234-123456789012\" `\n           -Controls \"*\" `\n           -OutputFormat HTML `\n           -EnablePolicyCompliance `\n           -EnableContinuousCompliance `\n           -NotificationEmail \"security@company.com\"\n\n# Quick security scan focusing on high-risk areas\n./audit.ps1 -SubscriptionId \"12345678-1234-1234-1234-123456789012\" `\n           -Controls \"AC-*,SC-*,SI-*\" `\n           -AssessmentType QuickScan\n```\n\n## Output Formats\n\n- **HTML**: Interactive dashboard with findings and remediation (default)\n- **JSON**: Machine-readable format for automation\n- **CSV**: For spreadsheet analysis\n- **Markdown**: For documentation and wikis\n\n## Prerequisites\n\n- Azure Cloud Shell (recommended) or PowerShell 7.0+\n- Azure PowerShell modules (pre-installed in Cloud Shell)\n- Reader access to target Azure subscription\n- No external dependencies\n\n## Report Structure\n\n### Executive Summary\n- Overall compliance status\n- Critical findings count\n- CIA impact distribution\n\n### Technical Details\n- Control-by-control assessment\n- Evidence collected\n- Specific Azure resource findings\n\n### Remediation Plan\n- Prioritized action items\n- Implementation guidance\n- Azure service recommendations\n\n## Security Considerations\n\n- **Read-Only Operations**: Script performs no modifications\n- **No Credential Storage**: Uses Azure Cloud Shell authentication\n- **Secure Output**: Sensitive data sanitized in reports\n- **Rate Limiting**: Implements API call throttling\n\n## Extending the Tool\n\n### Adding New Controls\n1. Add control definition to `config/control-definitions.json`\n2. Implement check function in appropriate module under `modules/controls/`\n3. Update control mapping in `modules/compliance/`\n\n### Custom Compliance Frameworks\nThe tool supports adding custom compliance mappings:\n- ISO 27001\n- SOC 2\n- PCI DSS\n- CIS Azure Foundations Benchmark\n\n## Troubleshooting\n\n### Common Issues\n\n1. **Authentication Errors**\n   ```powershell\n   Connect-AzAccount\n   Set-AzContext -SubscriptionId \"your-subscription-id\"\n   ```\n\n2. **Permission Errors**\n   - Ensure you have at least Reader role\n   - For full assessment, Security Reader role recommended\n\n3. **Module Not Found**\n   - Run in Azure Cloud Shell for best compatibility\n   - Or install required modules:\n     ```powershell\n     Install-Module -Name Az -Force\n     ```\n\n## Contributing\n\nSee [IMPLEMENTATION_PLAN.md](IMPLEMENTATION_PLAN.md) for development roadmap and contribution guidelines.\n\n## License\n\n[Your License Here]\n\n## Support\n\nFor issues and feature requests, please use the GitHub issue tracker.","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fethanolivertroy%2Fazure-cloud-shell-audit","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fethanolivertroy%2Fazure-cloud-shell-audit","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fethanolivertroy%2Fazure-cloud-shell-audit/lists"}