feat: adapt Microsoft365 provider to use PowerShell (#7331)

Co-authored-by: MrCloudSec <hello@mistercloudsec.com>
Hugo Pereira Brito
2025-04-15 19:24:09 +02:00
committed by GitHub
parent c0d935e232
commit 52bd48168f
190 changed files with 3136 additions and 1569 deletions

@@ -97,14 +97,15 @@ The following list includes all the Kubernetes checks with configurable variable
| `kubelet_strong_ciphers_only` | `kubelet_strong_ciphers` | String |
## Microsoft365
## M365
### Configurable Checks
The following list includes all the Microsoft365 checks with configurable variables that can be changed in the configuration yaml file:
The following list includes all the Microsoft 365 checks with configurable variables that can be changed in the configuration yaml file:
| Check Name | Value | Type |
|---------------------------------------------------------------|--------------------------------------------------|-----------------|
| `entra_admin_users_sign_in_frequency_enabled` | `sign_in_frequency` | Integer |
| `teams_external_file_sharing_restricted` | `allowed_cloud_storage_services` | List of Strings |
## Config YAML File Structure
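Review bot: the section heading is renamed from `## Microsoft365` to `## M365` while the sentence directly under it is renamed the other way, to "Microsoft 365 checks", so the page now uses two different names for the same provider; pick one (the product name "Microsoft 365", or `m365` when referring to the CLI/config key) and use it in both the heading and the body. The heading rename also changes the rendered anchor (`#microsoft365` becomes `#m365`), so any existing link to the old anchor in the docs needs updating in the same commit. The new table row for `teams_external_file_sharing_restricted` lists `allowed_cloud_storage_services` as "List of Strings" but gives no indication of which strings are valid; either add the accepted values here or point to the config example below where they appear.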
@@ -504,10 +505,20 @@ kubernetes:
"TLS_RSA_WITH_AES_128_GCM_SHA256",
]
# Microsoft365 Configuration
microsoft365:
# Conditional Access Policy
# policy.session_controls.sign_in_frequency.frequency in hours
sign_in_frequency: 4
# M365 Configuration
m365:
# Entra Conditional Access Policy
# m365.entra_admin_users_sign_in_frequency_enabled
sign_in_frequency: 4 # 4 hours
# Teams Settings
# m365.teams_external_file_sharing_restricted
allowed_cloud_storage_services:
[
#"allow_box",
#"allow_drop_box",
#"allow_egnyte",
#"allow_google_drive",
#"allow_share_file",
]
```
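Review bot: renaming the top-level config key from `microsoft365:` to `m365:` is a breaking change for anyone with an existing config YAML; a user who keeps `microsoft365:` will have their `sign_in_frequency` silently ignored, so the docs (or a changelog entry) should state that the key was renamed and whether the old key is still read. The `allowed_cloud_storage_services` example ships with every entry commented out, which leaves an empty list; add a comment stating what an empty list means for the `teams_external_file_sharing_restricted` check (nothing allowed, or check skipped) so readers are not left guessing, and note that the values are exact strings (for example `"allow_box"`) rather than free-form service names. The per-key comments such as `# m365.entra_admin_users_sign_in_frequency_enabled` are helpful for tracing a setting back to its check; consider applying the same pattern to the other providers in this file for consistency.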

@@ -1,23 +1,28 @@
# Microsoft365 authentication
# Microsoft 365 authentication
By default Prowler uses MsGraph Python SDK identity package authentication methods using the class `ClientSecretCredential`.
This allows Prowler to authenticate against microsoft365 using the following methods:
This allows Prowler to authenticate against Microsoft 365 using the following methods:
- Service principal authentication by environment variables (Enterprise Application)
- Service principal and Microsoft user credentials by environment variabled (using PowerShell requires this authentication method)
- Current CLI credentials stored
- Interactive browser authentication
To launch the tool first you need to specify which method is used through the following flags:
```console
# To use service principal (app) authentication and Microsoft user credentials (to use PowerShell)
prowler m365 --env-auth
# To use service principal authentication
prowler microsoft365 --sp-env-auth
prowler m365 --sp-env-auth
# To use cli authentication
prowler microsoft365 --az-cli-auth
prowler m365 --az-cli-auth
# To use browser authentication
prowler microsoft365 --browser-auth --tenant-id "XXXXXXXX"
prowler m365 --browser-auth --tenant-id "XXXXXXXX"
```
To use Prowler you need to set up also the permissions required to access your resources in your Microsoft365 account, to more details refer to [Requirements](../../getting-started/requirements.md)
To use Prowler you need to set up also the permissions required to access your resources in your Microsoft 365 account, to more details refer to [Requirements](../../getting-started/requirements.md#microsoft-365)
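Review bot: the new bullet "Service principal and Microsoft user credentials by environment variabled" has a typo ("variabled" should be "variables"), and, more importantly, the new `--env-auth` method is described as requiring Microsoft user credentials for PowerShell without saying which environment variables are read or what the user account needs; since this path puts a user password into the process environment, the doc should name the variables, state that the password is only used to establish the PowerShell session, and recommend a dedicated least-privilege account rather than an administrator's personal credentials. The unchanged introductory sentence still says Prowler authenticates with the MsGraph Python SDK `ClientSecretCredential` class, which no longer covers the PowerShell path introduced here; update it to describe both mechanisms. Finally, the link target changes from `requirements.md` to `requirements.md#microsoft-365`, so confirm that anchor exists in the requirements page under the new naming (the other hunk renames a heading to `M365`, which would render as `#m365`, not `#microsoft-365`).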