microsoft / zerotrustassessment Goto Github PK
View Code? Open in Web Editor NEWRepository for the Zero Trust Assessment project
Home Page: https://aka.ms/ztassess
License: MIT License
Repository for the Zero Trust Assessment project
Home Page: https://aka.ms/ztassess
License: MIT License
Hi team,
I would love to see a way to specify either a tenant ID or vanity domain name as a switch when I authenticate, as I have a single Global Reader credential via GDAP to access my clients, versus having to run this with separate credentials.
Is it possible to have it feed this into the module to make it more flexible?
Application based permissions do not seem to work correctly. When I try and use -AccessToken I get auth'd but when I run invoke-zteassessment, it throws the following error:
ODataError: Exception of type 'Microsoft.Graph.Models.ODataErrors.ODataError' was thrown
I was able to get the assessment to work by adding delegated 'User.read' permission. However, data is not fully populated. i.e., my Conditional Access Polices among other items are not showing the exported xlsx. Is this by design? Is there a readme of what output we should be expecting?
I was hoping to use this for a customer, great tool. Please let me know! Thank you
In order to protect and secure Microsoft, private
or internal
repositories in GitHub for Open Source which are not related to open source projects or require collaboration with 3rd parties (customer, partners, etc.) must be migrated to GitHub inside Microsoft a.k.a GitHub Enterprise Cloud with Enterprise Managed User (GHEC EMU).
✍️ Please RSVP to opt-in or opt-out of the migration to GitHub inside Microsoft.
❗Only users with admin
permission in the repository are allowed to respond. Failure to provide a response will result to your repository getting automatically archived.🔒
Reply with a comment on this issue containing one of the following optin
or optout
command options below.
✅ Opt-in to migrate
@gimsvc optin --date <target_migration_date in mm-dd-yyyy format>
Example:
@gimsvc optin --date 03-15-2023
OR
❌ Opt-out of migration
@gimsvc optout --reason <staging|collaboration|delete|other>
Example:
@gimsvc optout --reason staging
Options:
staging
: This repository will ship as Open Source or gopublic
collaboration
: Used for external or 3rd party collaboration with customers, partners, suppliers, etc.delete
: This repository will be deleted because it is no longer needed.other
: Other reasons not specified
Hi all,
I missed the workshop this week unfortunately. This tool and workshop looks very interesting.
I don't see any instructions on how to use this tool?
The main page (https://microsoft.github.io/zerotrustassessment/) shows "Step 1: Run assessment", but there is no button attached to it other than "App permissions". You go to that page, and it it explains the permissions, but then does not advise how to run the tool?
Please help?
Thanks,
@merill what do the references to P0, P1 and P2 mean in the Identity Assessment sheet of the Zero Trust Assessment output spreadsheet?
In the Identity Roadmap sheet, I assumed the P1 and P2 references are referring to the Entra ID license requirement in order to achieve the guidance because some tiles have IDGov (Identity Governance) and WID (Workload Identity) idicators.
Similarly, in the result section of the Identity Assessment sheet, I assumed:
Also, another issue I have is some of the links in the above result section give a Microsoft Excel error: "Reference isn't valid"
If you could include a key to these indicators on the output that would be great or just an explainer in the documentation please.
A declarative, efficient, and flexible JavaScript library for building user interfaces.
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google ❤️ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.