Connect Powershell to Exchange Online

Check for connection, if not, then Establish connection

# Check for connection
$NotConnected = $true
$RMsessions = Get-PSSession
Foreach ($RMsession in $RMsessions) {
if ($RMsession.Computername -like "*outlook*") { $NotConnected = $false }
}

# Establish connection
if ($NotConnected ) {
$LiveCred = Get-Credential
$Session = New-PSSession -ConfigurationName Microsoft.Exchange -ConnectionUri https://ps.outlook.com/powershell/ -Credential $LiveCred -Authentication Basic -AllowRedirection
Import-PSSession $Session 
cls
}

Trigger Azure Policy to evaluate compliance

$subscriptionId = "!!!SUBSCRIPTION ID!!!"

$uri = "https://management.azure.com/subscriptions/$subscriptionId/providers/Microsoft.PolicyInsights/policyStates/latest/triggerEvaluation?api-version=2018-07-01-preview"
$azContext = Get-AzContext
$azProfile = [Microsoft.Azure.Commands.Common.Authentication.Abstractions.AzureRmProfileProvider]::Instance.Profile
$profileClient = New-Object -TypeName Microsoft.Azure.Commands.ResourceManager.Common.RMProfileClient -ArgumentList ($azProfile)
$token = $profileClient.AcquireAccessToken($azContext.Tenant.Id)
$authHeader = @{
    'Content-Type'='application/json'
    'Authorization'='Bearer ' + $token.AccessToken
}
Invoke-RestMethod -Method Post -Uri $uri -UseBasicParsing -Headers $authHeader

Microsoft SQL – Get latest backup time

 SELECT  name ,
            recovery_model_desc ,
            state_desc ,
            d AS 'Last Full Backup' ,
            i AS 'Last Differential Backup' ,
            l AS 'Last log Backup'
    FROM    ( SELECT    db.name ,
                        db.state_desc ,
                        db.recovery_model_desc ,
                        type ,
                        backup_finish_date
              FROM      master.sys.databases db
                        LEFT OUTER JOIN msdb.dbo.backupset a ON a.database_name = db.name
            ) AS Sourcetable 
        PIVOT 
            ( MAX(backup_finish_date) FOR type IN ( D, I, L ) ) AS MostRecentBackup

Azure role, start,stop and restart Virtual Machine

Json file, replace “/subscriptions/11111111-1111-1111-1111-111111111111” with your own subscription ID.

Save the Json file and run: az role definition create –role-definition filename.json

 {
      "Name": "Virtual Machine Stop/Start/Restart",
      "IsCustom": true,
      "Description": "Can stop, start  and restart virtual machines.",
      "Actions": [
        "Microsoft.Compute/*/read",
        "Microsoft.Compute/virtualMachines/start/action",
        "Microsoft.Compute/virtualMachines/restart/action",
        "Microsoft.Compute/virtualMachines/deallocate/action"
      ],
      "NotActions": [


      ],
      "AssignableScopes": [
        "/subscriptions/11111111-1111-1111-1111-111111111111"
      ]
    }

Azure custom policy: Approved Costcenter Tag Values

Json for the rule. The tag could be something else. Just change the field: “tags.Costcenter”

{
  "mode": "All",
  "policyRule": {
    "if": {
      "not": {
        "field": "tags.Costcenter",
        "in": "[parameters('allowedTagValues')]"
      }
    },
    "then": {
      "effect": "deny"
    }
  },
  "parameters": {
    "allowedTagValues": {
      "type": "Array",
      "metadata": {
        "displayName": "Allowed tag values",
        "description": "The list of allowed Costcenter tag values"
      }
    }
  }
}

Parameters when assigning the policy

[
  "IT",
  "Risk",
  "Advisory",
  "Legal"
]