All bash / pwsh scripts any Azure Sys Admin may ever need.
- Shell 73.5%
- Python 17.5%
- PowerShell 9%
| apim | ||
| azure-devops | ||
| cost-management | ||
| identity | ||
| monitoring | ||
| network | ||
| security | ||
| utilities | ||
| .gitignore | ||
| README.md | ||
Cloud Admin Scripts Collection
Organized collection of Azure administration and automation scripts.
📁 Folder Structure
/identity - Identity & Access Management
assign_graph_permission_to_managed_identity.sh- Assign Microsoft Graph permissions to managed identitiesassign_sharepoint_permission_to_managed_identity.sh- Assign SharePoint permissions to managed identitiesassign_permissions_to_managed_identity.sh- Smart dispatcher for permission assignmentassign_graph_permission_to_user.sh- Assign Graph permissions to usersaudit_app_registrations.sh- Audit app registrations for security issuessend_graph_mail.py- Send emails via Microsoft Graph APImanaged_identity_utils.sh- Shared utility functions
/security - Security & Compliance
find_overprivileged_accounts.sh- Find accounts with excessive permissions
/cost-management - Cost Optimization
resource_cost_analyzer.sh- Analyze resource costs and find waste
/monitoring - Health & Monitoring
health_check.sh- Comprehensive Azure environment health check
/network - Network Security
check_nsg_rules.sh- Analyze NSG rules for security issues
/utilities - General Purpose Tools
bulk_resource_tagger.sh- Add tags to all resources in a resource groupnetwork_test.sh- Network connectivity testinggenerate_curls.sh- Generate curl commands for API testingapim_tests.sh- API Management testingtf_init.sh- Terraform initialization helper
/azure-devops - Azure DevOps Automation
Import-ServiceConnections.ps1- Import service connectionsextract_azdo_config.sh- Extract Azure DevOps configurationformat_repos.py- Format repository configurationsformat_service_connections.py- Format service connection dataformat_teams.py- Format team configurationsimport_tf_state.sh- Import Terraform state
🚀 Quick Start
Make scripts executable:
find . -name "*.sh" -exec chmod +x {} \;
Run permission assignment:
./identity/assign_permissions_to_managed_identity.sh graph my-app User.Read.All
Run security audit:
./security/find_overprivileged_accounts.sh
Run health check:
./monitoring/health_check.sh
💡 Additional Script Ideas
Security & Compliance
check_conditional_access_policies.sh- Audit Conditional Access policiesscan_storage_public_access.sh- Find storage accounts with public accessaudit_key_vault_access.sh- Review Key Vault access policiescheck_mfa_status.sh- Check MFA enrollment status
Cost Management
unused_resources_finder.sh- Find unused resources across subscriptionsrightsizing_recommendations.sh- VM rightsizing recommendationsreserved_instance_optimizer.sh- RI coverage analysis
Automation & DevOps
auto_scale_scheduler.sh- Schedule auto-scaling eventsbackup_automation.sh- Automated backup verificationpolicy_compliance_checker.sh- Check Azure Policy compliance
Monitoring & Alerting
log_analytics_queries.sh- Common Log Analytics queriescreate_standard_alerts.sh- Create standard monitoring alertsperformance_baseline.sh- Establish performance baselines
🛠️ Prerequisites
- Azure CLI installed and authenticated
- PowerShell (for .ps1 scripts)
- jq (for JSON processing)
- Appropriate Azure permissions
📖 Usage Patterns
Most scripts follow these patterns:
-hor--helpfor usage information- Minimal required parameters (smart defaults)
- Clear error messages and validation
- Consistent output formatting
🤝 Contributing
When adding new scripts:
- Place in appropriate folder
- Follow naming convention:
verb_noun.sh - Include usage function
- Add to this README
- Make executable with
chmod +x# azure_scripts