This topic is something I have wanted to dive into for months, but I have found it difficult to wrap my head around how to get started.I wanted to look into how I could get policy exemptions, the same way I already was getting Azure Policy exemptions using REST API. But Defender for Cloud Security …
Continue reading Microsoft Defender for Cloud – exemptions using REST API
Category:Management
Microsoft Defender for Cloud – Delete exemptions using REST API
In my previous post, I touched on the topic of how to create Microsoft Defender for Cloud recommendation exemptions (also called standard assignments: exempt mode). In this post I want to show how to delete policy exemptions using REST API. Please read my previous posts here: Please read the first post about getting standard assignments. …
Continue reading Microsoft Defender for Cloud – Delete exemptions using REST API
Microsoft Defender for Cloud – Create exemptions using REST API
In my previous post, I touched on the topic of how to get Microsoft Defender for Cloud recommendation exemptions (also called standard assignments: exempt mode). In this post I want to show how to create policy exemptions using REST API. Please read my previous post here: To understand authentication, read my previous post where I …
Continue reading Microsoft Defender for Cloud – Create exemptions using REST API
Microsoft Defender for Cloud – Get exemptions using REST API
This post is part of a series. Navigate to the parent post using this link: In this post, I want to show you how to get (list) standard assignments (exemptions) using PowerShell and REST API. First we need to authenticate to Azure and get an access token, we will use in our REST API calls: …
Continue reading Microsoft Defender for Cloud – Get exemptions using REST API
Windows Admin Center – Bulk enable on servers via PowerShell
Windows Admin Center is a great tool for managing Windows Servers from the Azure Portal. But how to enable this great tool on many servers at the same time. I have written a small script that does the job. The script will enable WAC on all servers in the resource group defined on script execution …
Continue reading Windows Admin Center – Bulk enable on servers via PowerShell
Azure Local – Enable Remote Desktop (RDP)
It is recommended to keep RDP disabled, but sometimes we need RDP access (e.g. troubleshooting around failed updates that require manual install of patches or modules). Here is how to enable RDP via PowerShell Remoting from another device in the same domain (Requires access from the source server to the target server on the network): …
Continue reading Azure Local – Enable Remote Desktop (RDP)
Azure subscriptions – limit and monitor Pay-as-you-go subscription
Intro There is not direct way to deny administrators the ability to create free trial, Pay-as-you-go and Azure for Students subscriptions in Azure. However their are a few ways to limit and monitor creations. These settings should every organization enable to limit the possibility for users to create subscriptions and resources that is not govern …
Continue reading Azure subscriptions – limit and monitor Pay-as-you-go subscription
Azure Bastion
Deploy Azure Bastion to subscription No hassle of managing Network Security Groups (NSGs)You don’t need to apply any NSGs to the Azure Bastion subnet. Because Azure Bastion connects to your virtual machines over private IP, you can configure your NSGs to allow RDP/SSH from Azure Bastion only. This removes the hassle of managing NSGs each …
Continue reading Azure Bastion