Skip to content

Commit e2a3d9f

Browse files
Cyb3rWard0gCyb3rWard0g
committed
Updated cloud katana docs, automation and PS scripts
1 parent 4b97ed4 commit e2a3d9f

File tree

66 files changed

+311
-1114
lines changed

Some content is hidden

Large Commits have some content hidden by default. Use the searchbox below for content that may be hidden.

66 files changed

+311
-1114
lines changed

.gitignore

Lines changed: 1 addition & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -5,6 +5,7 @@
55

66
# Jupyter Book build
77
docs/_build/
8+
.vscode/
89

910
# User-specific files
1011
*.rsuser

.vscode/extensions.json

Lines changed: 0 additions & 6 deletions
This file was deleted.

.vscode/launch.json

Lines changed: 0 additions & 13 deletions
This file was deleted.

.vscode/settings.json

Lines changed: 0 additions & 6 deletions
This file was deleted.

.vscode/tasks.json

Lines changed: 0 additions & 14 deletions
This file was deleted.

docs/_toc.yml

Lines changed: 33 additions & 37 deletions
Original file line numberDiff line numberDiff line change
@@ -3,53 +3,49 @@ root: intro
33
parts:
44
- caption: Getting Started
55
chapters:
6-
- file: prepare
76
- file: deploy/azure/intro
87
sections:
98
- file: deploy/azure/arm
10-
- file: deploy/azure/demos
11-
- file: deploy/local/intro
12-
sections:
13-
- file: deploy/local/demos
149
- caption: Internals
1510
chapters:
16-
- file: internals/design/intro
17-
- file: internals/schema
11+
- file: learn/principles/intro
12+
- file: learn/schema
13+
- file: learn/simulation
1814
- caption: Targeted Notebooks
1915
chapters:
20-
- file: notebooks/windows/intro
16+
- file: simulate/windows/intro
2117
sections:
22-
- file: notebooks/windows/discovery/intro
18+
- file: simulate/windows/discovery/intro
2319
sections:
24-
- file: notebooks/windows/discovery/list_windows_firewall_rules_via_netsh
25-
- file: notebooks/windows/discovery/list_open_egress_ports_via_.net_tcpclient_class
26-
- file: notebooks/azure/intro
20+
- file: simulate/windows/discovery/list_windows_firewall_rules_via_netsh
21+
- file: simulate/windows/discovery/list_open_egress_ports_via_.net_tcpclient_class
22+
- file: simulate/azure/intro
2723
sections:
28-
- file: notebooks/azure/collection/intro
24+
- file: simulate/azure/collection/intro
2925
sections:
30-
- file: notebooks/azure/collection/get_my_mailbox_messages
31-
- file: notebooks/azure/collection/get_user_mailbox_messages
32-
- file: notebooks/azure/discovery/intro
26+
- file: simulate/azure/collection/get_my_mailbox_messages
27+
- file: simulate/azure/collection/get_user_mailbox_messages
28+
- file: simulate/azure/discovery/intro
3329
sections:
34-
- file: notebooks/azure/discovery/get_azure_ad_application_metadata
35-
- file: notebooks/azure/discovery/get_azure_ad_directory_roles
36-
- file: notebooks/azure/discovery/get_azure_ad_groups
37-
- file: notebooks/azure/discovery/get_azure_ad_owners_of_an_azure_ad_group_or_directory_role
38-
- file: notebooks/azure/discovery/get_azure_ad_oauth_permission_grants
39-
- file: notebooks/azure/discovery/get_owners_of_an_azure_ad_application_or_service_principal
40-
- file: notebooks/azure/discovery/get_azure_ad_resources_and_graph_them
41-
- file: notebooks/azure/discovery/get_azure_ad_service_principal_metadata
42-
- file: notebooks/azure/discovery/get_azure_ad_users
43-
- file: notebooks/azure/persistence/intro
30+
- file: simulate/azure/discovery/get_azure_ad_application_metadata
31+
- file: simulate/azure/discovery/get_azure_ad_directory_roles
32+
- file: simulate/azure/discovery/get_azure_ad_groups
33+
- file: simulate/azure/discovery/get_azure_ad_owners_of_an_azure_ad_group_or_directory_role
34+
- file: simulate/azure/discovery/get_azure_ad_oauth_permission_grants
35+
- file: simulate/azure/discovery/get_owners_of_an_azure_ad_application_or_service_principal
36+
- file: simulate/azure/discovery/get_azure_ad_resources_and_graph_them
37+
- file: simulate/azure/discovery/get_azure_ad_service_principal_metadata
38+
- file: simulate/azure/discovery/get_azure_ad_users
39+
- file: simulate/azure/persistence/intro
4440
sections:
45-
- file: notebooks/azure/persistence/add_new_owner_to_azure_ad_application
46-
- file: notebooks/azure/persistence/add_password_to_azure_ad_application
47-
- file: notebooks/azure/persistence/add_new_member_to_azure_ad_directory_role
48-
- file: notebooks/azure/persistence/add_new_member_to_azure_ad_group
49-
- file: notebooks/azure/persistence/add_new_owner_to_azure_ad_service_principal
50-
- file: notebooks/azure/persistence/add_password_to_azure_ad_service_principal
51-
- file: notebooks/azure/persistence/add_new_domain_to_azure_ad_tenant
52-
- file: notebooks/azure/persistence/grant_permission_to_azure_ad_application
53-
- file: notebooks/azure/persistence/create_new_azure_ad_application
54-
- file: notebooks/azure/persistence/create_new_azure_ad_service_principal_for_application
55-
- file: notebooks/azure/persistence/update_azure_ad_application_required_resource_access
41+
- file: simulate/azure/persistence/add_new_owner_to_azure_ad_application
42+
- file: simulate/azure/persistence/add_password_to_azure_ad_application
43+
- file: simulate/azure/persistence/add_new_member_to_azure_ad_directory_role
44+
- file: simulate/azure/persistence/add_new_member_to_azure_ad_group
45+
- file: simulate/azure/persistence/add_new_owner_to_azure_ad_service_principal
46+
- file: simulate/azure/persistence/add_password_to_azure_ad_service_principal
47+
- file: simulate/azure/persistence/add_new_domain_to_azure_ad_tenant
48+
- file: simulate/azure/persistence/grant_permission_to_azure_ad_application
49+
- file: simulate/azure/persistence/create_new_azure_ad_application
50+
- file: simulate/azure/persistence/create_new_azure_ad_service_principal_for_application
51+
- file: simulate/azure/persistence/update_azure_ad_application_required_resource_access

docs/deploy/azure/arm.md

Lines changed: 18 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -1,10 +1,26 @@
11
# Azure Resource Manager Template
22

3+
## Authenticate to Azure
4+
5+
Use the Azure CLI command `az login` to authenticate to Azure AD with an account to deploy resources in Azure.
6+
7+
```PowerShell
8+
az login
9+
```
10+
11+
## Clone Project
12+
13+
```PowerShell
14+
git clone https://github.com/Azure/Cloud-Katana
15+
```
16+
317
## Create Resource Group
418

519
Create a resource group to deploy all Cloud Katana resources in it.
620

7-
![](../../images/CreateResourceGroup.png)
21+
```PowerShell
22+
az group create --name MyResourceGroup --location eastus
23+
```
824

925
## Import Cloud Katana Tools Module
1026

@@ -46,7 +62,7 @@ Once the managed identity is created, we need to grant all the required permissi
4662

4763
**Reference**: [https://docs.microsoft.com/en-us/graph/permissions-reference#application-permissions-4](https://docs.microsoft.com/en-us/graph/permissions-reference#application-permissions-4)
4864

49-
You can use another function from the Cloud Katana PowerShell module to grant permissions to the deployment managed identity.
65+
You can use another function from the Cloud Katana Tools module to grant permissions to the deployment managed identity.
5066

5167
```PowerShell
5268
Grant-CKTPermissions -SvcPrincipalId $identity.principalId -PermissionsList @('Application.ReadWrite.All','AppRoleAssignment.ReadWrite.All','DelegatedPermissionGrant.ReadWrite.All','User.Read.All') -PermissionsType application -verbose

0 commit comments

Comments
 (0)