update
@@ -0,0 +1,59 @@
|
||||
|
||||
<#
|
||||
.SYNOPSIS
|
||||
Checks VMware host lockdown mode status and creates incidents for disabled hosts.
|
||||
|
||||
.DESCRIPTION
|
||||
Recurring PSU schedule task, ~8am.
|
||||
|
||||
This script connects to the ITD vCenter, retrieves all VMware hosts, and checks their lockdown mode status.
|
||||
If lockdown mode is disabled on any hosts, it creates a ServiceNow incident for review.
|
||||
|
||||
.EXAMPLE
|
||||
.\VMware-LockdownTickets.ps1
|
||||
|
||||
.NOTES
|
||||
Requires VMware PowerCLI and ITD ServiceNow modules.
|
||||
Service account credentials must be available via $PrvCred and $Secret:ndgov_svcitdvmvcro.
|
||||
#>
|
||||
[CmdletBinding()]
|
||||
param (
|
||||
|
||||
)
|
||||
|
||||
begin {
|
||||
|
||||
}
|
||||
|
||||
process {
|
||||
New-ITDServiceNowSession -Credential $Secret:snow_vmcred -Environment Production
|
||||
Connect-ITDvCenter -Credential $Secret:ndgov_svcitdvmvcro
|
||||
|
||||
$AllVMHosts = Get-VMHost
|
||||
$CurrentState = Get-ITDVMwareVMHostStatus -Name $AllVMHosts
|
||||
$LockdownDisabled = $CurrentState | where-object lockdownmode -eq lockdowndisabled
|
||||
|
||||
If ($LockdownDisabled) {
|
||||
|
||||
ForEach ($VMHost in ($LockdownDisabled | Select -First 2)) {
|
||||
Write-Verbose -Message "Start $($VMHost.Name) incident creation"
|
||||
$NewIncidentParams = @{
|
||||
CallerUsername = 'svcvmwareadm';
|
||||
ShortDescription = ("Lockdown Mode is disabled on VMware host " + $VMHost.Name);
|
||||
Description = ("Lockdown Mode is disabled on VMware host " + $VMHost.Name + ". Lockdown mode is a required for CIS hardening compliance 3.20 (L1)");
|
||||
Impact = 3;
|
||||
Urgency = 1;
|
||||
Category = 'Cloud Platforms'
|
||||
Subcategory = 'Virtualization'
|
||||
AssignmentGroup = 'NDIT-Cloud Platforms'
|
||||
}
|
||||
New-ITDServiceNowIncident @NewIncidentParams
|
||||
}
|
||||
}
|
||||
|
||||
Disconnect-ITDvCenter
|
||||
}
|
||||
|
||||
end {
|
||||
|
||||
}
|
||||
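Review bot: The `Select -First 2` on the `ForEach` line caps incident creation at two hosts per run, so any further hosts with lockdown disabled are silently skipped, which contradicts the synopsis. If it is a leftover test throttle it should be removed, and if it is a deliberate rate limit the skipped hosts should at least be logged. The `process` block also fails open: if the vCenter connection or `Get-VMHost` fails or returns nothing, `$LockdownDisabled` is empty and the scheduled run looks like a clean compliance result, and `Disconnect-ITDvCenter` is skipped on any terminating error. The sketch below treats an empty inventory as an error and moves the disconnect into `finally`. Separately, `.NOTES` mentions `$PrvCred`, which the script never reads (it uses `$Secret:snow_vmcred` and `$Secret:ndgov_svcitdvmvcro`), and a daily schedule may open a new incident per host each day unless the ServiceNow module de-duplicates, which is worth confirming.

```powershell
process {
    try {
        # … unchanged: New-ITDServiceNowSession / Connect-ITDvCenter …
        $AllVMHosts = Get-VMHost -ErrorAction Stop
        if (-not $AllVMHosts) {
            throw 'No VMware hosts returned; lockdown state was not evaluated.'
        }
        # … unchanged: Get-ITDVMwareVMHostStatus and lockdown filter …
        ForEach ($VMHost in $LockdownDisabled) {
            # … unchanged: incident parameters and New-ITDServiceNowIncident …
        }
    }
    finally {
        Disconnect-ITDvCenter
    }
}
```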