Get-AzRegulatoryComplianceAssessment
Gets regulatory compliance assessments
Syntax
Get-AzRegulatoryComplianceAssessment
[-Name <String>]
-StandardName <String>
-ControlName <String>
[-DefaultProfile <IAzureContextContainer>]
[<CommonParameters>] Get-AzRegulatoryComplianceAssessment
-ResourceId <String>
[-DefaultProfile <IAzureContextContainer>]
[<CommonParameters>] Description
Get a spcific assessment details or list all the assessments under specific control and regulatory compliance standard.
Examples
Example 1
Get-AzRegulatoryComplianceAssessment -StandardName "SOC TSP" -ControlName "CC5.8"
Id : /subscriptions/487bb485-b5b0-471e-9c0d-10717612f869/providers/Microsoft.Security/regulatoryComp
lianceStandards/SOC-TSP/regulatoryComplianceControls/CC5.8/regulatoryComplianceAssessments/0392
b393-395e-42bf-ba60-8d99efc4d2d4
Name : 0392b393-395e-42bf-ba60-8d99efc4d2d4
Type : Microsoft.Security/regulatoryComplianceStandards/regulatoryComplianceControls/regulatoryComplia
nceAssessments
Description : [CCE-10596-5] Deny log on as a batch job (Windows Server 2008 R2 Datacenter)
AssessmentType : RuleResult
AssessmentDetailsLink :
State : Passed
PassedResources : 2
FailedResources : 0
SkippedResources : 0
Id : /subscriptions/487bb485-b5b0-471e-9c0d-10717612f869/providers/Microsoft.Security/regulatoryComp
lianceStandards/SOC-TSP/regulatoryComplianceControls/CC5.8/regulatoryComplianceAssessments/04c8
24de-a93c-49cf-bb22-997cdff9e9fc
Name : 04c824de-a93c-49cf-bb22-997cdff9e9fc
Type : Microsoft.Security/regulatoryComplianceStandards/regulatoryComplianceControls/regulatoryComplia
nceAssessments
Description : [CCE-24406-1] Allow log on through Remote Desktop Services (Windows Server 2012 Datacenter)
AssessmentType : RuleResult
AssessmentDetailsLink :
State : Passed
PassedResources : 2
FailedResources : 0
SkippedResources : 0
Id : /subscriptions/487bb485-b5b0-471e-9c0d-10717612f869/providers/Microsoft.Security/regulatoryComp
lianceStandards/SOC-TSP/regulatoryComplianceControls/CC5.8/regulatoryComplianceAssessments/04e7
147b-0deb-9796-2e5c-0336343ceb3d
Name : 04e7147b-0deb-9796-2e5c-0336343ceb3d
Type : Microsoft.Security/regulatoryComplianceStandards/regulatoryComplianceControls/regulatoryComplia
nceAssessments
Description : External accounts with write permissions should be removed from your subscription
AssessmentType : AssessmentResult
AssessmentDetailsLink :
State : Passed
PassedResources : 1
FailedResources : 0
SkippedResources : 0
Id : /subscriptions/487bb485-b5b0-471e-9c0d-10717612f869/providers/Microsoft.Security/regulatoryComp
lianceStandards/SOC-TSP/regulatoryComplianceControls/CC5.8/regulatoryComplianceAssessments/0515
45a4-179e-4c04-9e9b-8f33821ef36f
Name : 051545a4-179e-4c04-9e9b-8f33821ef36f
Type : Microsoft.Security/regulatoryComplianceStandards/regulatoryComplianceControls/regulatoryComplia
nceAssessments
Description : [CCE-37659-0] Configure 'Allow log on locally' (Windows Server 2016 Datacenter)
AssessmentType : RuleResult
AssessmentDetailsLink :
State : Failed
PassedResources : 1
FailedResources : 1
SkippedResources : 0
Id : /subscriptions/487bb485-b5b0-471e-9c0d-10717612f869/providers/Microsoft.Security/regulatoryComp
lianceStandards/SOC-TSP/regulatoryComplianceControls/CC5.8/regulatoryComplianceAssessments/101e
af81-3dd3-4867-8871-f649131a06a9
Name : 101eaf81-3dd3-4867-8871-f649131a06a9
Type : Microsoft.Security/regulatoryComplianceStandards/regulatoryComplianceControls/regulatoryComplia
nceAssessments
Description : [CCE-38028-7] Audit Policy: Policy Change: Audit Policy Change (Windows Server 2012 R2
Datacenter)
AssessmentType : RuleResult
AssessmentDetailsLink :
State : Passed
PassedResources : 2
FailedResources : 0
SkippedResources : 0
Id : /subscriptions/487bb485-b5b0-471e-9c0d-10717612f869/providers/Microsoft.Security/regulatoryComp
lianceStandards/SOC-TSP/regulatoryComplianceControls/CC5.8/regulatoryComplianceAssessments/103d
e8e8-643e-4b0e-b4a4-a85830239a53
Name : 103de8e8-643e-4b0e-b4a4-a85830239a53
Type : Microsoft.Security/regulatoryComplianceStandards/regulatoryComplianceControls/regulatoryComplia
nceAssessments
Description : [CCE-37133-6] Ensure 'Audit Account Lockout' is set to 'Success and Failure' (Windows Server
2016 Datacenter)
AssessmentType : RuleResult
AssessmentDetailsLink :
State : Failed
PassedResources : 1
FailedResources : 1
SkippedResources : 0
Id : /subscriptions/487bb485-b5b0-471e-9c0d-10717612f869/providers/Microsoft.Security/regulatoryComp
lianceStandards/SOC-TSP/regulatoryComplianceControls/CC5.8/regulatoryComplianceAssessments/107b
8424-7ee8-4b6a-a859-b5256aa6596e
Name : 107b8424-7ee8-4b6a-a859-b5256aa6596e
Type : Microsoft.Security/regulatoryComplianceStandards/regulatoryComplianceControls/regulatoryComplia
nceAssessments
Description : [CCE-37853-9] Audit Policy: System: IPsec Driver (Windows Server 2012 R2 Datacenter)
AssessmentType : RuleResult
AssessmentDetailsLink :
State : Passed
PassedResources : 2
FailedResources : 0
SkippedResources : 0Get all assessments under specific control and standard.
Example 2
Get-AzRegulatoryComplianceAssessment -StandardName "SOC TSP" -ControlName "CC5.8" -Name "fe48038b-f73a-4264-b499-0ff9dfaab05c"
Id : /subscriptions/487bb485-b5b0-471e-9c0d-10717612f869/providers/Microsoft.Security/regulatoryComp
lianceStandards/SOC-TSP/regulatoryComplianceControls/CC5.8/regulatoryComplianceAssessments/fe48
038b-f73a-4264-b499-0ff9dfaab05c
Name : fe48038b-f73a-4264-b499-0ff9dfaab05c
Type : Microsoft.Security/regulatoryComplianceStandards/regulatoryComplianceControls/regulatoryComplia
nceAssessments
Description : [CCE-24187-7] Audit Policy: Logon-Logoff: Special Logon (Windows Server 2012 Datacenter)
AssessmentType : RuleResult
AssessmentDetailsLink :
State : Passed
PassedResources : 2
FailedResources : 0
SkippedResources : 0Get a specific assessment under specific control and standard according to assessment id.
Example 3
Get-AzRegulatoryComplianceAssessment -ResourceId "/subscriptions/487bb485-b5b0-471e-9c0d-10717612f869/providers/Microsoft.Security/regulatoryComplianceStandards/SOC-TSP/regulatoryComplianceControls/CC5.8/regulatoryComplianceAssessments/fe48038b-f73a-4264-b499-0ff9dfaab05c"
Id : /subscriptions/487bb485-b5b0-471e-9c0d-10717612f869/providers/Microsoft.Security/regulatoryComp
lianceStandards/SOC-TSP/regulatoryComplianceControls/CC5.8/regulatoryComplianceAssessments/fe48
038b-f73a-4264-b499-0ff9dfaab05c
Name : fe48038b-f73a-4264-b499-0ff9dfaab05c
Type : Microsoft.Security/regulatoryComplianceStandards/regulatoryComplianceControls/regulatoryComplia
nceAssessments
Description : [CCE-24187-7] Audit Policy: Logon-Logoff: Special Logon (Windows Server 2012 Datacenter)
AssessmentType : RuleResult
AssessmentDetailsLink :
State : Passed
PassedResources : 2
FailedResources : 0
SkippedResources : 0Get a specific assessment under specific control and standard according to resource id.
Parameters
-ControlName
Control Name.
| Type: | String |
| Position: | Named |
| Default value: | None |
| Required: | True |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
-DefaultProfile
The credentials, account, tenant, and subscription used for communication with Azure.
| Type: | IAzureContextContainer |
| Aliases: | AzContext, AzureRmContext, AzureCredential |
| Position: | Named |
| Default value: | None |
| Required: | False |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
-Name
Assessment Id.
| Type: | String |
| Position: | Named |
| Default value: | None |
| Required: | False |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
-ResourceId
ID of the security resource that you want to invoke the command on.
| Type: | String |
| Position: | Named |
| Default value: | None |
| Required: | True |
| Accept pipeline input: | True |
| Accept wildcard characters: | False |
-StandardName
Standard Name.
| Type: | String |
| Position: | Named |
| Default value: | None |
| Required: | True |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
Inputs
Outputs
Collaborate with us on GitHub
The source for this content can be found on GitHub, where you can also create and review issues and pull requests. For more information, see our contributor guide.
Azure PowerShell