Public/Start-NLBaselineCA.ps1
|
function Start-NLBaselineCA { <# .SYNOPSIS Start the NLBaselineCA menu system .DESCRIPTION Displays the main menu with all available options for managing Conditional Access policies .EXAMPLE Start-NLBaselineCA #> [CmdletBinding()] param() if ($Host.UI.RawUI) { try { Clear-Host } catch { # Non-interactive terminal, just write newlines Write-Host "`n`n`n" } } Write-Host "========================================" -ForegroundColor Cyan Write-Host " Baseline Secure Cloud" -ForegroundColor Cyan Write-Host " Conditional Access Management Module" -ForegroundColor Cyan Write-Host "========================================" -ForegroundColor Cyan Write-Host "" # Check if configuration exists and storage path is valid $moduleConfigPath = Get-ConfigPath if (-not (Test-Path $moduleConfigPath)) { Write-Host "No configuration found. Run Quick Start to configure." -ForegroundColor Yellow Write-Host "" } else { $moduleConfig = Get-Content $moduleConfigPath | ConvertFrom-Json if ($moduleConfig.StoragePath -and (Test-Path $moduleConfig.StoragePath)) { $configPath = Join-Path $moduleConfig.StoragePath "config.json" if (Test-Path $configPath) { $config = Get-Content $configPath | ConvertFrom-Json if ($config.TenantId -and $config.ClientId) { Write-Host "Configuration found. Storage: $($moduleConfig.StoragePath)" -ForegroundColor Gray Write-Host "Tenant: $($config.TenantId) | App ID: $($config.ClientId)" -ForegroundColor Gray Write-Host "" } } } else { Write-Host "Storage path not found or not configured. Run Quick Start to configure." -ForegroundColor Yellow Write-Host "" } } do { Write-Host "Main Menu:" -ForegroundColor Green Write-Host "1. Quick Start (Configuration)" -ForegroundColor White Write-Host "2. Export all policies" -ForegroundColor White Write-Host "3. Import Baseline" -ForegroundColor White Write-Host "4. Security Advisory (AI)" -ForegroundColor White Write-Host "5. List all policies" -ForegroundColor White Write-Host "6. Toggle policies (Report-only / Enabled)" -ForegroundColor White Write-Host "7. List named locations" -ForegroundColor White Write-Host "8. Create default named locations" -ForegroundColor White Write-Host "9. Report-Only Analysis" -ForegroundColor White Write-Host "10. Manage Break Glass Group" -ForegroundColor White Write-Host "11. Rename Policies" -ForegroundColor White Write-Host "12. CIS Compliance Validation" -ForegroundColor White Write-Host "13. Remove All Policies" -ForegroundColor Red Write-Host "14. Fix Policy Naming" -ForegroundColor Yellow Write-Host "15. Help" -ForegroundColor Cyan Write-Host "16. Exit" -ForegroundColor White Write-Host "" $choice = Read-Host "Select an option" switch ($choice) { "1" { Start-QuickStart } "2" { Export-NLBaselineCAPolicies } "3" { Import-NLBaselineCABaseline } "4" { Get-NLBaselineCASecurityAdvisory } "5" { Get-NLBaselineCAPoliciesList } "6" { Set-NLBaselineCAPoliciesMode } "7" { Get-NLBaselineCANamedLocations } "8" { New-DefaultNamedLocations } "9" { Get-NLBaselineCAReportOnlyAnalysis } "10" { Write-Host "" Write-Host "Break Glass Group Management" -ForegroundColor Cyan Write-Host "" Write-Host "1. Add break glass group to all policies" -ForegroundColor White Write-Host "2. Remove break glass group from all policies" -ForegroundColor White Write-Host "" $bgChoice = Read-Host "Select option (1 or 2)" $groupName = Read-Host "Enter break glass group name (default: CABreakGlassExclude)" if ([string]::IsNullOrWhiteSpace($groupName)) { $groupName = "CABreakGlassExclude" } if ($bgChoice -eq "1") { Set-NLBaselineCABreakGlassGroup -GroupName $groupName -Action Add } elseif ($bgChoice -eq "2") { Set-NLBaselineCABreakGlassGroup -GroupName $groupName -Action Remove } else { Write-Host "Invalid choice" -ForegroundColor Red } } "11" { Write-Host "" Write-Host "Rename Policies" -ForegroundColor Cyan Write-Host "" $oldPrefix = Read-Host "Enter old prefix to replace (e.g., CA200)" $newPrefix = Read-Host "Enter new prefix (e.g., PROD-CA200)" if ([string]::IsNullOrWhiteSpace($oldPrefix) -or [string]::IsNullOrWhiteSpace($newPrefix)) { Write-Host "Both prefixes are required" -ForegroundColor Red } else { Rename-NLBaselineCAPolicies -OldPrefix $oldPrefix -NewPrefix $newPrefix } } "12" { Get-NLBaselineCACISCompliance } "13" { Write-Host "" Write-Host "Remove All Policies" -ForegroundColor Red Write-Host "" Write-Host "WARNING: This will permanently delete policies!" -ForegroundColor Red Write-Host "" $prefixFilter = Read-Host "Enter prefix filter (optional, leave empty to delete ALL policies)" if ([string]::IsNullOrWhiteSpace($prefixFilter)) { Write-Host "" Write-Host "You are about to delete ALL Conditional Access policies!" -ForegroundColor Red Write-Host "This action cannot be undone!" -ForegroundColor Red Write-Host "" $finalConfirm = Read-Host "Type 'DELETE ALL' to confirm" if ($finalConfirm -eq "DELETE ALL") { Remove-NLBaselineCAAllPolicies } else { Write-Host "Deletion cancelled." -ForegroundColor Yellow } } else { Remove-NLBaselineCAAllPolicies -PrefixFilter $prefixFilter } } "14" { Fix-NLBaselineCAPolicyNaming } "15" { Write-Host "" Write-Host "========================================" -ForegroundColor Cyan Write-Host " HELP & DOCUMENTATION" -ForegroundColor Cyan Write-Host "========================================" -ForegroundColor Cyan Write-Host "" Write-Host "For detailed documentation, examples, and support:" -ForegroundColor White Write-Host "" Write-Host "GitHub Repository:" -ForegroundColor Yellow Write-Host " https://github.com/nl-baseline/ai-conditional-access-guard-security-baseline" -ForegroundColor Cyan Write-Host "" Write-Host "Documentation includes:" -ForegroundColor White Write-Host " - Complete README with installation instructions" -ForegroundColor Gray Write-Host " - Deployment guide for publishing the module" -ForegroundColor Gray Write-Host " - Baseline policy documentation" -ForegroundColor Gray Write-Host " - Naming conventions for policies" -ForegroundColor Gray Write-Host " - 2025/2026 new features guide" -ForegroundColor Gray Write-Host "" Write-Host "PowerShell Gallery:" -ForegroundColor Yellow Write-Host " https://www.powershellgallery.com/packages/NLBaselineCA" -ForegroundColor Cyan Write-Host "" Write-Host "Module Information:" -ForegroundColor Yellow Write-Host " Module Name: NLBaselineCA" -ForegroundColor Gray Write-Host " Version: 1.0.0" -ForegroundColor Gray Write-Host " Author: Baseline Secure Cloud" -ForegroundColor Gray Write-Host "" Write-Host "Quick Commands:" -ForegroundColor Yellow Write-Host " Get-Help Start-NLBaselineCA -Full" -ForegroundColor Gray Write-Host " Get-Command -Module NLBaselineCA" -ForegroundColor Gray Write-Host " Get-Module NLBaselineCA | Select-Object *" -ForegroundColor Gray Write-Host "" Write-Host "Support:" -ForegroundColor Yellow Write-Host " - Report issues: GitHub Issues" -ForegroundColor Gray Write-Host " - Ask questions: GitHub Discussions" -ForegroundColor Gray Write-Host " - View source code: GitHub Repository" -ForegroundColor Gray Write-Host "" } "16" { Write-Host "Exiting..." -ForegroundColor Yellow break } default { Write-Host "Invalid choice. Please try again." -ForegroundColor Red Start-Sleep -Seconds 1 } } if ($choice -ne "16") { Write-Host "" Write-Host "Press any key to return to the menu..." -ForegroundColor Gray try { if ($Host.UI.RawUI) { $null = $Host.UI.RawUI.ReadKey("NoEcho,IncludeKeyDown") } else { Read-Host "Press Enter to continue" } } catch { Read-Host "Press Enter to continue" } if ($Host.UI.RawUI) { try { Clear-Host } catch { Write-Host "`n`n`n" } } Write-Host "========================================" -ForegroundColor Cyan Write-Host " Baseline Secure Cloud" -ForegroundColor Cyan Write-Host " Conditional Access Management Module" -ForegroundColor Cyan Write-Host "========================================" -ForegroundColor Cyan Write-Host "" } } while ($choice -ne "16") } |