Get-AzRegulatoryComplianceAssessment
Gets regulatory compliance assessments
Syntax
Get-AzRegulatoryComplianceAssessment
[-Name <String>]
-StandardName <String>
-ControlName <String>
[-DefaultProfile <IAzureContextContainer>]
[<CommonParameters>]
Get-AzRegulatoryComplianceAssessment
-ResourceId <String>
[-DefaultProfile <IAzureContextContainer>]
[<CommonParameters>]
Description
Get a spcific assessment details or list all the assessments under specific control and regulatory compliance standard.
Examples
Example 1
Get-AzRegulatoryComplianceAssessment -StandardName "SOC TSP" -ControlName "CC5.8"
Id : /subscriptions/a0a0a0a0-bbbb-cccc-dddd-e1e1e1e1e1e1/providers/Microsoft.Security/regulatoryComp
lianceStandards/SOC-TSP/regulatoryComplianceControls/CC5.8/regulatoryComplianceAssessments/0392
b393-395e-42bf-ba60-8d99efc4d2d4
Name : 0392b393-395e-42bf-ba60-8d99efc4d2d4
Type : Microsoft.Security/regulatoryComplianceStandards/regulatoryComplianceControls/regulatoryComplia
nceAssessments
Description : [CCE-10596-5] Deny log on as a batch job (Windows Server 2008 R2 Datacenter)
AssessmentType : RuleResult
AssessmentDetailsLink :
State : Passed
PassedResources : 2
FailedResources : 0
SkippedResources : 0
Id : /subscriptions/a0a0a0a0-bbbb-cccc-dddd-e1e1e1e1e1e1/providers/Microsoft.Security/regulatoryComp
lianceStandards/SOC-TSP/regulatoryComplianceControls/CC5.8/regulatoryComplianceAssessments/04c8
24de-a93c-49cf-bb22-997cdff9e9fc
Name : 04c824de-a93c-49cf-bb22-997cdff9e9fc
Type : Microsoft.Security/regulatoryComplianceStandards/regulatoryComplianceControls/regulatoryComplia
nceAssessments
Description : [CCE-24406-1] Allow log on through Remote Desktop Services (Windows Server 2012 Datacenter)
AssessmentType : RuleResult
AssessmentDetailsLink :
State : Passed
PassedResources : 2
FailedResources : 0
SkippedResources : 0
Id : /subscriptions/a0a0a0a0-bbbb-cccc-dddd-e1e1e1e1e1e1/providers/Microsoft.Security/regulatoryComp
lianceStandards/SOC-TSP/regulatoryComplianceControls/CC5.8/regulatoryComplianceAssessments/04e7
147b-0deb-9796-2e5c-0336343ceb3d
Name : 04e7147b-0deb-9796-2e5c-0336343ceb3d
Type : Microsoft.Security/regulatoryComplianceStandards/regulatoryComplianceControls/regulatoryComplia
nceAssessments
Description : External accounts with write permissions should be removed from your subscription
AssessmentType : AssessmentResult
AssessmentDetailsLink :
State : Passed
PassedResources : 1
FailedResources : 0
SkippedResources : 0
Id : /subscriptions/a0a0a0a0-bbbb-cccc-dddd-e1e1e1e1e1e1/providers/Microsoft.Security/regulatoryComp
lianceStandards/SOC-TSP/regulatoryComplianceControls/CC5.8/regulatoryComplianceAssessments/0515
45a4-179e-4c04-9e9b-8f33821ef36f
Name : 051545a4-179e-4c04-9e9b-8f33821ef36f
Type : Microsoft.Security/regulatoryComplianceStandards/regulatoryComplianceControls/regulatoryComplia
nceAssessments
Description : [CCE-37659-0] Configure 'Allow log on locally' (Windows Server 2016 Datacenter)
AssessmentType : RuleResult
AssessmentDetailsLink :
State : Failed
PassedResources : 1
FailedResources : 1
SkippedResources : 0
Id : /subscriptions/a0a0a0a0-bbbb-cccc-dddd-e1e1e1e1e1e1/providers/Microsoft.Security/regulatoryComp
lianceStandards/SOC-TSP/regulatoryComplianceControls/CC5.8/regulatoryComplianceAssessments/101e
af81-3dd3-4867-8871-f649131a06a9
Name : 101eaf81-3dd3-4867-8871-f649131a06a9
Type : Microsoft.Security/regulatoryComplianceStandards/regulatoryComplianceControls/regulatoryComplia
nceAssessments
Description : [CCE-38028-7] Audit Policy: Policy Change: Audit Policy Change (Windows Server 2012 R2
Datacenter)
AssessmentType : RuleResult
AssessmentDetailsLink :
State : Passed
PassedResources : 2
FailedResources : 0
SkippedResources : 0
Id : /subscriptions/a0a0a0a0-bbbb-cccc-dddd-e1e1e1e1e1e1/providers/Microsoft.Security/regulatoryComp
lianceStandards/SOC-TSP/regulatoryComplianceControls/CC5.8/regulatoryComplianceAssessments/103d
e8e8-643e-4b0e-b4a4-a85830239a53
Name : 103de8e8-643e-4b0e-b4a4-a85830239a53
Type : Microsoft.Security/regulatoryComplianceStandards/regulatoryComplianceControls/regulatoryComplia
nceAssessments
Description : [CCE-37133-6] Ensure 'Audit Account Lockout' is set to 'Success and Failure' (Windows Server
2016 Datacenter)
AssessmentType : RuleResult
AssessmentDetailsLink :
State : Failed
PassedResources : 1
FailedResources : 1
SkippedResources : 0
Id : /subscriptions/a0a0a0a0-bbbb-cccc-dddd-e1e1e1e1e1e1/providers/Microsoft.Security/regulatoryComp
lianceStandards/SOC-TSP/regulatoryComplianceControls/CC5.8/regulatoryComplianceAssessments/107b
8424-7ee8-4b6a-a859-b5256aa6596e
Name : 107b8424-7ee8-4b6a-a859-b5256aa6596e
Type : Microsoft.Security/regulatoryComplianceStandards/regulatoryComplianceControls/regulatoryComplia
nceAssessments
Description : [CCE-37853-9] Audit Policy: System: IPsec Driver (Windows Server 2012 R2 Datacenter)
AssessmentType : RuleResult
AssessmentDetailsLink :
State : Passed
PassedResources : 2
FailedResources : 0
SkippedResources : 0
Get all assessments under specific control and standard.
Example 2
Get-AzRegulatoryComplianceAssessment -StandardName "SOC TSP" -ControlName "CC5.8" -Name "b1b1b1b1-cccc-dddd-eeee-f2f2f2f2f2f2"
Id : /subscriptions/a0a0a0a0-bbbb-cccc-dddd-e1e1e1e1e1e1/providers/Microsoft.Security/regulatoryComp
lianceStandards/SOC-TSP/regulatoryComplianceControls/CC5.8/regulatoryComplianceAssessments/fe48
038b-f73a-4264-b499-0ff9dfaab05c
Name : b1b1b1b1-cccc-dddd-eeee-f2f2f2f2f2f2
Type : Microsoft.Security/regulatoryComplianceStandards/regulatoryComplianceControls/regulatoryComplia
nceAssessments
Description : [CCE-24187-7] Audit Policy: Logon-Logoff: Special Logon (Windows Server 2012 Datacenter)
AssessmentType : RuleResult
AssessmentDetailsLink :
State : Passed
PassedResources : 2
FailedResources : 0
SkippedResources : 0
Get a specific assessment under specific control and standard according to assessment id.
Example 3
Get-AzRegulatoryComplianceAssessment -ResourceId "/subscriptions/a0a0a0a0-bbbb-cccc-dddd-e1e1e1e1e1e1/providers/Microsoft.Security/regulatoryComplianceStandards/SOC-TSP/regulatoryComplianceControls/CC5.8/regulatoryComplianceAssessments/b1b1b1b1-cccc-dddd-eeee-f2f2f2f2f2f2"
Id : /subscriptions/a0a0a0a0-bbbb-cccc-dddd-e1e1e1e1e1e1/providers/Microsoft.Security/regulatoryComp
lianceStandards/SOC-TSP/regulatoryComplianceControls/CC5.8/regulatoryComplianceAssessments/fe48
038b-f73a-4264-b499-0ff9dfaab05c
Name : b1b1b1b1-cccc-dddd-eeee-f2f2f2f2f2f2
Type : Microsoft.Security/regulatoryComplianceStandards/regulatoryComplianceControls/regulatoryComplia
nceAssessments
Description : [CCE-24187-7] Audit Policy: Logon-Logoff: Special Logon (Windows Server 2012 Datacenter)
AssessmentType : RuleResult
AssessmentDetailsLink :
State : Passed
PassedResources : 2
FailedResources : 0
SkippedResources : 0
Get a specific assessment under specific control and standard according to resource id.
Parameters
-ControlName
Control Name.
Type: | String |
Position: | Named |
Default value: | None |
Required: | True |
Accept pipeline input: | False |
Accept wildcard characters: | False |
-DefaultProfile
The credentials, account, tenant, and subscription used for communication with Azure.
Type: | IAzureContextContainer |
Aliases: | AzContext, AzureRmContext, AzureCredential |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
-Name
Assessment Id.
Type: | String |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
-ResourceId
ID of the security resource that you want to invoke the command on.
Type: | String |
Position: | Named |
Default value: | None |
Required: | True |
Accept pipeline input: | True |
Accept wildcard characters: | False |
-StandardName
Standard Name.
Type: | String |
Position: | Named |
Default value: | None |
Required: | True |
Accept pipeline input: | False |
Accept wildcard characters: | False |
Inputs
Outputs
Azure PowerShell