SubscriptionSecurity/SecurityCenter.ps1

Set-StrictMode -Version Latest

function Set-AzSKAzureSecurityCenterPolicies 
{
    <#
    .SYNOPSIS
    This command would help in setting up the Security Center policies for a Subscription
 
    .DESCRIPTION
    This command would help in setting up the Security Center policies for a Subscription
 
    .PARAMETER SubscriptionId
        Subscription id for which the security evaluation has to be performed.
    .PARAMETER SecurityContactEmails
            Provide a security contact email address or addresses separated by a comma. Recommended a mail enabled Security Group with receiving of external emails option turned ON.
    .PARAMETER DoNotOpenOutputFolder
            Switch to specify whether to open output folder containing all security evaluation report or not.
    .PARAMETER SecurityPhoneNumber
            Provide a security contact international information phone number including the country code (for example, +1-425-1234567)
    .PARAMETER EnableOptionalPolicies
            Switch to specify whether to set the optional ASC policies.
     
 
 
    .LINK
    https://aka.ms/azskossdocs
    #>


    [OutputType([String])]
    Param
    (
        [string]
        [Parameter(Mandatory = $true, HelpMessage = "Subscription id for which the security evaluation has to be performed.")]
        [ValidateNotNullOrEmpty()]
        [Alias("sid", "HostSubscriptionId", "hsid","s")]
        $SubscriptionId,

        [string]
        [Parameter(Mandatory = $false, HelpMessage = "Provide a security contact email address or addresses separated by a comma. Recommended a mail enabled Security Group with receiving of external emails option turned ON.")]
        [Alias("scemail")]
        $SecurityContactEmails,

        [string]
        [Parameter(Mandatory = $false, HelpMessage = "Provide a security contact international information phone number including the country code (for example, +1-425-1234567)")]
        [Alias("scphone")]
        $SecurityPhoneNumber,

        [switch]
        [Parameter(Mandatory = $false, HelpMessage = "Switch to specify whether to open output folder containing all security evaluation report or not.")]
        [Alias("dnof")]
        $DoNotOpenOutputFolder,

        [switch]
        [Parameter(Mandatory = $false, HelpMessage = "Switch to specify whether to set the optional ASC policies.")]
        [Alias("eop","OptionalPolicies")]
        $EnableOptionalPolicies,

        [switch]
        [Parameter(Mandatory = $false, HelpMessage = "Switch to set Standard Prcing tier for ASC.")]
        [Alias("sats")]
        $SetASCTier
    )

    Begin
    {
        [CommandHelper]::BeginCommand($PSCmdlet.MyInvocation);
        [AzListenerHelper]::RegisterListeners();
    }

    Process
    {
        try 
        {
            $secCenter = [SecurityCenterStatus]::new($SubscriptionId, $PSCmdlet.MyInvocation);
            if ($secCenter) 
            {
                $setOptionalPolicy = $false;

                if ($EnableOptionalPolicies){
                    $setOptionalPolicy = $true;
                } 

                $updateSecurityContacts = $false;
                if(-not [string]::IsNullOrWhiteSpace($SecurityPhoneNumber) -or -not [string]::IsNullOrWhiteSpace($SecurityContactEmails))
                {
                    $secCenter.SecurityContactEmails = $SecurityContactEmails;
                    $secCenter.SecurityPhoneNumber = $SecurityPhoneNumber;
                    $updateSecurityContacts =$true;
                    
                }
                
                
                
                return $secCenter.SetPolicies($updateSecurityContacts,$setOptionalPolicy,$SetASCTier);
            }
        }
        catch 
        {
            [EventBase]::PublishGenericException($_);
        }  
    }

    End
    {
        [AzListenerHelper]::UnregisterListeners();
    }
}