Part 1: Use azucar tool
Azucar is a multi-threaded plugin-based tool to help assess the security of Azure Cloud environment subscription. By leveraging the Azure API , Azucar automatically gathers a variety of configuration data and analyses all data relating to a particular subscription in order to determine security risks.The script will not change or modify any asset deployed in the Azure subscription.
More details on https://github.com/nccgroup/azucar/
Requirement:
- Windows 10, 1903
- An Azure read-only account
- Excel 2016 if you want to export excel format report
Steps
- Download and install Git for Windows from https://gitforwindows.org/ using default options. If you have git installed on your system, you can skip this step.
- Run a command line window. On your folder, run command: git clone https://github.com/nccgroup/azucar.git
- Run a powershell window as administrator, go to the “azucar” folder.
- Run command “$psversiontable”, make sure the powershell version is 3.x
- Run command: “Get-ChildItem -Recurse c:\tools\azucar | Unblock-File” to unblock the files
- Run command “.\Azucar.ps1 -ExportTo EXCEL,CSV,XML,JSON -Verbose -Instance AzureCloud -Analysis All”. it will popup a window to ask you to sign in.
- Enter the Azure email and password. Click “sign in” button. Select the Subscription and click “OK” button.
- Wait until the analysis process ended, you can find the reports on folder “azucar\report”
References:
- https://github.com/nccgroup/azucar/
- https://gitforwindows.org/
