PowerShell brings automation and automation can be key to running an environment. The problem is, if it isn’t controlled, “automation” can be used against you.
If you have an Azure environment, you may know that you can connect using either PowerShell or Bash. You can set this up on any machine by loading PowerShell for example and running:
- Install-Module az
This will give you a login box in which you can use your Azure credentials.
This is the first step that requires a little locking down. It will make more sense later on however, you should defiantly look to enable Conditional Access around the application Microsoft Azure Management. This application includes PowerShell.
If MFA is not enabled, this prompt can be passed using single factor. Once in, I could run the following:
Now if I didn’t add the -WhatIf, it would have deleted all my VMs. The disks…
View original post 318 more words