### Example Usage of Storage Lab Generator Source: https://www.purplecloud.network/tools/storage An example of how to run the storage lab generator script, specifying a storage name and Azure region. ```bash python3 storage.py -n mystoragename -l eastus ``` -------------------------------- ### Install git-lfs on Ubuntu Source: https://www.purplecloud.network/install Install the git-lfs extension on Ubuntu Linux to support large file downloads. ```bash apt-get install git-lfs ``` -------------------------------- ### Deploy Sentinel Lab with Domain Controller and Custom Users from CSV Source: https://www.purplecloud.network/tools/sentinel Similar to the previous example, but imports a custom list of Domain Users from a CSV file into Active Directory on the DC instance. The script validates the user format. The provided CSV example shows the expected format for importing users. ```python python3 sentinel.py --domain_controller --ad_domain rtcfingroup.com --admin RTCAdmin --password MyPassword012345 --csv users.csv --endpoints 2 --domain_join ``` ```csv name,upn,password,groups,oupath,domain_admin Lars Borgerson,larsborgerson@rtcfingroup.com,MyPassword012345,IT,OU=IT;DC=rtcfingroup;DC=com,False Olivia Odinsdottir,oliviaodinsdottir@rtcfingroup.com,MyPassword012345,IT,OU=IT;DC=rtcfingroup;DC=com,True Liem Anderson,liemanderson@rtcfingroup.com,MyPassword012345,IT,OU=IT;DC=rtcfingroup;DC=com,False John Nilsson,johnnilsson@rtcfingroup.com,MyPassword012345,IT,OU=IT;DC=rtcfingroup;DC=com,False Jason Lindqvist,jasonlindqvist@rtcfingroup.com,MyPassword012345,IT,OU=IT;DC=rtcfingroup;DC=com,True ``` -------------------------------- ### Build Velociraptor + Hunting ELK Server Source: https://www.purplecloud.network/tools/ad This command initiates the setup of a Velociraptor and Hunting ELK server, along with a Windows 10 endpoint. It configures winlogbeat for log shipping to HELK and installs Velociraptor agents on both the server and endpoint. The endpoint automatically registers with the Velociraptor server. A terraform file (helk.tf) is generated for the HELK server setup. ```python python3 ad.py --helk --endpoint 1 ``` -------------------------------- ### Basic ADFS Lab Setup Source: https://www.purplecloud.network/tools/adfs Generates a lab with a single ADFS server and Domain Controller using a self-signed certificate. Creates five AD users and associated Terraform files for infrastructure definition. ```python python3 adfs.py ``` -------------------------------- ### ADFS Server Information Log Source: https://www.purplecloud.network/tools/adfs Example log output detailing the creation of the ADFS Terraform file and ADFS server information, including hostname, FQDN, and sign-on endpoint. ```log [+] Creating the adfs terraform file: adfs.tf [+] ADFS Server Information: [+] Server Hostname: adfs [+] FQDN: adfs.rtc.local [+] Signon Endpoint: https://adfs.rtc.local/adfs/ls/idpinitiatedsignon.aspx [+] Building with Self-Signed certificate ``` -------------------------------- ### Generate Domain Controller with Custom Users from CSV Source: https://www.purplecloud.network/tools/ad Similar to the previous example, this command sets up a Domain Controller and domain-joined endpoints but imports custom user data from a specified CSV file. The script validates the format of the users in the CSV. ```bash python3 ad.py --domain_controller --ad_domain rtcfingroup.com --admin RTCAdmin --password MyPassword012345 --csv users.csv --endpoints 2 --domain_join ``` -------------------------------- ### Example CSV Format for Custom Users Source: https://www.purplecloud.network/tools/ad This is an example of the expected CSV format for importing custom domain users. It includes fields for name, UPN, password, groups, OU path, and domain admin status. ```csv name,upn,password,groups,oupath,domain_admin Lars Borgerson,larsborgerson@rtcfingroup.com,MyPassword012345,IT,OU=IT;DC=rtcfingroup;DC=com,False Olivia Odinsdottir,oliviaodinsdottir@rtcfingroup.com,MyPassword012345,IT,OU=IT;DC=rtcfingroup;DC=com,True Liem Anderson,liemanderson@rtcfingroup.com,MyPassword012345,IT,OU=IT;DC=rtcfingroup;DC=com,False John Nilsson,johnnilsson@rtcfingroup.com,MyPassword012345,IT,OU=IT;DC=rtcfingroup;DC=com,False Jason Lindqvist,jasonlindqvist@rtcfingroup.com,MyPassword012345,IT,OU=IT;DC=rtcfingroup;DC=com,True ``` -------------------------------- ### RDP Connection Cheat Sheet for Azure AD Login Source: https://www.purplecloud.network/tools/aadjoin This snippet shows example commands to connect to Ubuntu Linux VMs using RDP with Azure AD credentials. Ensure your IP address is whitelisted in Azure NSGs. ```bash xfreerdp --no-nla -u "AzureAD\chasemiller@rtcfingroup.com" -p "cosmic-stingray-96W-r" --ignore-certificate 20.124.129.181 xfreerdp --no-nla -u "AzureAD\arielparsons@rtcfingroup.com" -p "cosmic-stingray-96W-r" --ignore-certificate 20.124.129.181 xfreerdp --no-nla -u "AzureAD\michaelbarnett@rtcfingroup.com" -p "cosmic-stingray-96W-r" --ignore-certificate 20.124.129.181 xfreerdp --no-nla -u "AzureAD\brandongonzalez@rtcfingroup.com" -p "cosmic-stingray-96W-r" --ignore-certificate 20.124.129.181 xfreerdp --no-nla -u "AzureAD\jessicafields@rtcfingroup.com" -p "cosmic-stingray-96W-r" --ignore-certificate 20.124.129.181 xfreerdp --no-nla -u "AzureAD\brittanyriddle@rtcfingroup.com" -p "cosmic-stingray-96W-r" --ignore-certificate 20.124.129.181 xfreerdp --no-nla -u "AzureAD\rebeccaperry@rtcfingroup.com" -p "cosmic-stingray-96W-r" --ignore-certificate 20.124.129.181 xfreerdp --no-nla -u "AzureAD\josephedwards@rtcfingroup.com" -p "cosmic-stingray-96W-r" --ignore-certificate 20.124.129.181 xfreerdp --no-nla -u "AzureAD\christopherandersen@rtcfingroup.com" -p "cosmic-stingray-96W-r" --ignore-certificate 20.124.129.181 xfreerdp --no-nla -u "AzureAD\kevinmiller@rtcfingroup.com" -p "cosmic-stingray-96W-r" --ignore-certificate 20.124.129.181 ``` -------------------------------- ### Default VM Instance Sizes in ad.py Source: https://www.purplecloud.network/cost Modify these variables in ad.py to change the default hardware instance sizes for each VM. Note that Hunting ELK install option #4 requires 8 GB available memory. ```python # The instance size for each system size_win10 = "Standard_D2as_v4" size_dc = "Standard_D2as_v4" # Note: Hunting ELK install options #4 requires 8 GB available memory size_helk = "Standard_D4s_v3" ``` -------------------------------- ### Install Python Faker Library Source: https://www.purplecloud.network/install Install the Python faker library using pip3. This is a dependency for several Python scripts used in the project. ```bash pip3 install faker ``` -------------------------------- ### ADFS + DC with Windows 10 and Custom Users from CSV Source: https://www.purplecloud.network/tools/adfs Similar to the previous example, but imports custom Domain Users from a CSV file. The script validates the user format in the specified CSV file. ```python python3 adfs.py --ad_domain rtcfingroup.com --admin RTCAdmin --password MyPassword012345 --csv users.csv --endpoints 1 --domain_join --ad_users 500 ``` ```csv name,upn,password,groups,oupath,domain_admin Lars Borgerson,larsborgerson@rtcfingroup.com,MyPassword012345,IT,OU=IT;DC=rtcfingroup;DC=com,False Olivia Odinsdottir,oliviaodinsdottir@rtcfingroup.com,MyPassword012345,IT,OU=IT;DC=rtcfingroup;DC=com,True Liem Anderson,liemanderson@rtcfingroup.com,MyPassword012345,IT,OU=IT;DC=rtcfingroup;DC=com,False John Nilsson,johnnilsson@rtcfingroup.com,MyPassword012345,IT,OU=IT;DC=rtcfingroup;DC=com,False Jason Lindqvist,jasonlindqvist@rtcfingroup.com,MyPassword012345,IT,OU=IT;DC=rtcfingroup;DC=com,True ``` -------------------------------- ### Generate One Windows 10 Endpoint with Sysmon Source: https://www.purplecloud.network/tools/ad Creates a single Windows 10 endpoint with Sysmon installed. A random password for the default 'RTCAdmin' local administrator account is generated. This command also generates several Terraform files for infrastructure setup. ```bash python3 ad.py --endpoint 1 ``` -------------------------------- ### Azure AD Join Lab with User Assigned Identity Source: https://www.purplecloud.network/tools/aadjoin Similar to the previous example, but adds a User Assigned Identity to all VMs with a specified role on the subscription. Possible roles include reader, contributor, and owner. ```python python3 aadjoin.py --upn rtcfingroup.com --endpoints 3 --count 30 --user_identity reader ``` -------------------------------- ### Windows 10 Endpoint Configuration Source: https://www.purplecloud.network/tools/ad Defines the configuration for Windows 10 endpoints, including hostname, domain join status, auto-logon settings, and the installation of Sysmon and Atomic Red Team. ```python config_win10_endpoint = { "hostname_base":"win10", "join_domain":"false", "auto_logon_domain_user":"false", "install_sysmon":sysmon_endpoint_config, "install_art":"true", } ``` -------------------------------- ### Deploy Sentinel Lab with One Windows 10 Endpoint and Sysmon Source: https://www.purplecloud.network/tools/sentinel Generates a single Windows 10 Endpoint with Sysmon and Atomic Red Team (ART) installed. All Windows 10 Pro systems will automatically send logs to Sentinel. ```python python3 sentinel.py --endpoint 1 ``` -------------------------------- ### Query Office 365 Enriched Audit Logs with KQL Source: https://www.purplecloud.network/tools/sentinel Selects all Enriched Microsoft 365 Audit logs. This query can be used as a starting point for more specific log analysis. ```kql EnrichedMicrosoft365AuditLogs ``` -------------------------------- ### Initialize, Plan, and Apply Terraform Source: https://www.purplecloud.network/install Standard Terraform commands to initialize the project, create an execution plan, and apply the plan to deploy resources. ```bash terraform init terraform plan -out=run.plan terraform apply run.plan ``` -------------------------------- ### Generate Domain Controller with Users and Domain-Joined Endpoints Source: https://www.purplecloud.network/tools/ad Sets up a Domain Controller with a specified forest name, custom administrator credentials, and randomly generated domain users. It also creates multiple Windows 10 Pro endpoints that are joined to the domain. Domain join is enabled by default for Windows 10 Pro when using the `domain_join` parameter. ```bash python3 ad.py --domain_controller --ad_domain rtcfingroup.com --admin RTCAdmin --password MyPassword012345 --ad_users 500 --endpoints 2 --domain_join ``` -------------------------------- ### Deploy Sentinel Lab with Domain Controller and Random Users Source: https://www.purplecloud.network/tools/sentinel Creates a Microsoft Sentinel deployment, including a Domain Controller with a specified forest name, custom administrator account, and a number of randomly generated domain users. Domain join is enabled for Windows 10 Pro endpoints, and logs are shipped to Log Analytics Workspace. ```python python3 sentinel.py --domain_controller --ad_domain rtcfingroup.com --admin RTCAdmin --password MyPassword012345 --ad_users 500 --endpoints 2 --domain_join ``` -------------------------------- ### Generate Basic Azure AD Lab Source: https://www.purplecloud.network/tools/aad Generates a basic Azure AD lab with a specified UPN suffix and 100 users. Outputs user details, usernames, emails, and Terraform configuration for users. ```bash python3 azure_ad.py --upn rtcfingroup.com ``` -------------------------------- ### Azure Linux Virtual Machines Pricing Source: https://www.purplecloud.network/cost Reference for the most up-to-date pricing on Azure Linux Virtual Machines. ```url https://azure.microsoft.com/en-us/pricing/details/virtual-machines/linux/ ``` -------------------------------- ### Specify Number of Endpoints Source: https://www.purplecloud.network/tools/aadjoin Use the --endpoints parameter to specify the number of Windows 10 virtual machines to build. This is a required parameter. ```bash --endpoints ``` -------------------------------- ### Navigate to Generator Directory Source: https://www.purplecloud.network/tools/midentity Before running the script, navigate to the generator's directory. ```bash cd generators/managed_identity ``` -------------------------------- ### Generate Azure AD Lab with Applications and Groups Source: https://www.purplecloud.network/tools/aad Generates an Azure AD lab with 500 users, 3 applications, and 5 groups. Users are automatically distributed into separate groups. Outputs Terraform files for applications and groups. ```bash python3 azure_ad.py --upn rtcfingroup.com --count 500 --apps 3 --groups 5 ``` -------------------------------- ### Basic Azure AD Join Lab Source: https://www.purplecloud.network/tools/aadjoin Generates a single Windows 10 system joined to Azure AD with 10 users. This creates various Terraform files and user output files for the lab environment. ```python python3 aadjoin.py --upn rtcfingroup.com --endpoints 1 ``` -------------------------------- ### Navigate to ad.py Directory Source: https://www.purplecloud.network/tools/ad Before running any ad.py commands, navigate to the generator's directory. ```bash cd generators/ad ``` -------------------------------- ### Navigate to Sentinel Generator Directory Source: https://www.purplecloud.network/tools/sentinel Before running the Sentinel lab generator, navigate to its directory using the cd command. ```bash cd generators/sentinel ``` -------------------------------- ### Azure Windows Virtual Machine Pricing Source: https://www.purplecloud.network/cost Reference for the most up-to-date pricing on Azure Windows Virtual Machines. ```url https://azure.microsoft.com/en-us/pricing/details/virtual-machines/windows/ ``` -------------------------------- ### Azure AD Join Lab with 30 Users and 3 VMs Source: https://www.purplecloud.network/tools/aadjoin Creates 30 users in Azure AD and three Windows 10 VMs for Azure AD join. A random password for all users is displayed at the end of 'terraform apply'. ```python python3 aadjoin.py --upn rtcfingroup.com --endpoints 3 --count 30 ``` -------------------------------- ### Navigate to Azure AD Generator Directory Source: https://www.purplecloud.network/tools/aad Before running the script, navigate to the generator's directory. ```bash cd generators/azure_ad ``` -------------------------------- ### ADFS + DC with Windows 10 and Random Users Source: https://www.purplecloud.network/tools/adfs Builds an Active Directory domain with ADFS, joins the ADFS server, and creates one Windows 10 Pro endpoint. Generates 500 random AD users, assigning them to groups and OUs. ```python python3 adfs.py --ad_domain rtcfingroup.com --admin RTCAdmin --password MyPassword012345 --endpoints 1 --domain_join --ad_users 500 ``` -------------------------------- ### Deploy Basic Microsoft Sentinel Lab Source: https://www.purplecloud.network/tools/sentinel Generates a Microsoft Sentinel lab with a Log Analytics workspace. This command also creates terraform HCL files for sentinel.tf and providers.tf. Use -l to specify a location other than the default 'eastus'. ```python python3 sentinel.py ``` -------------------------------- ### Navigate to ADFS Generator Directory Source: https://www.purplecloud.network/tools/adfs Before running the ADFS generator, navigate to its directory using the command line. ```bash cd generators/adfs ``` -------------------------------- ### Navigate to Generator Directory Source: https://www.purplecloud.network/tools/storage Change the current directory to the storage generator's location within the project. ```bash cd generators/storage ``` -------------------------------- ### Deploy Sentinel Lab with Office 365 and Azure AD Connectors Source: https://www.purplecloud.network/tools/sentinel Generates a Microsoft Sentinel lab with a Log Analytics workspace and optionally enables the Office 365 data connector (-odc) and Azure AD data connector (-adc). ```python python3 sentinel.py -odc -adc ``` -------------------------------- ### Navigate to aadjoin Directory Source: https://www.purplecloud.network/tools/aadjoin Before running the generator script, navigate to its directory using the cd command. ```bash cd generators/aadjoin ``` -------------------------------- ### Query Azure Sign-in Logs with KQL Source: https://www.purplecloud.network/tools/sentinel Retrieves Azure Sign-in logs from the last 7 days, projecting key details like TimeGenerated, UserPrincipalName, AppDisplayName, IPAddress, and Status. ```kql SigninLogs | where TimeGenerated >= ago(7d) | project TimeGenerated, UserPrincipalName, AppDisplayName, ResourceDisplayName, IPAddress, Status | order by TimeGenerated desc ``` -------------------------------- ### Clone PurpleCloud Repository Source: https://www.purplecloud.network/install Clone the PurpleCloud repository from GitHub to your local machine. ```bash git clone https://github.com/iknowjason/PurpleCloud.git ``` -------------------------------- ### Export Azure Service Principal Environment Variables Source: https://www.purplecloud.network/install Set these environment variables to authenticate using an Azure Service Principal. Replace placeholders with your actual values. ```bash export ARM_SUBSCRIPTION_ID="YOUR_SERVICE_PRINCIPAL_VALUES" export ARM_TENANT_ID="YOUR_SERVICE_PRINCIPAL_VALUES" export ARM_CLIENT_ID="YOUR_SERVICE_PRINCIPAL_VALUES" export ARM_CLIENT_SECRET="YOUR_SERVICE_PRINCIPAL_VALUES" ``` -------------------------------- ### Generate Azure AD Lab with 1,000 Users Source: https://www.purplecloud.network/tools/aad Generates an Azure AD lab with 1,000 users. A random password will be generated for all users upon terraform apply, which can be retrieved using 'terraform output'. ```bash python3 azure_ad.py --upn rtcfingroup.com --count 1000 ``` -------------------------------- ### Query Sysmon Logs with KQL Source: https://www.purplecloud.network/tools/sentinel Use this query to retrieve all Sysmon logs from the last 24 hours. It parses and expands event data to extract specific details like username. ```kql Event | where TimeGenerated > ago(24h) | where Source == "Microsoft-Windows-Sysmon" | extend EventDataXml = parse_xml(EventData).DataItem.EventData.Data | mv-expand bagexpansion=array EventDataXml | extend EventKey = tostring(EventDataXml['@Name']), EventValue = tostring(EventDataXml['#text']) | extend Username = iff(EventKey == "User", EventValue, "") | project TimeGenerated, Computer, EventID, RenderedDescription, Username, EventKey, EventValue | summarize EventDetails=make_bag(pack(EventKey, EventValue)), Username=any(Username) by TimeGenerated, Computer, EventID, RenderedDescription | order by TimeGenerated desc ``` -------------------------------- ### Generate Service Principal Abuse Attack Primitives Lab Source: https://www.purplecloud.network/tools/aad Generates an Azure AD lab with 25 users and includes service principal abuse attack primitives. It creates 7 applications, assigns Application Administrator role to a user, Global Administrator role to an SP, and Privileged Role Administrator role to another SP. ```bash python3 azure_ad.py -c 25 --upn rtcfingroup.com --apps 7 -aa -ga -pra ``` -------------------------------- ### Query Microsoft Graph Activity Logs with KQL Source: https://www.purplecloud.network/tools/sentinel Selects all Microsoft Graph Activity logs. This query is a basic selection and can be further filtered as needed. ```kql MicrosoftGraphActivityLogs ``` -------------------------------- ### Default AD User Configuration Source: https://www.purplecloud.network/tools/ad Specifies the structure for default Active Directory users, including name, organizational unit, password, domain admin status, and group membership. This serves as a template for the first few users created. ```python default_ad_users = [ { "name":"Lars Borgerson", "ou": "CN=users,DC=rtc,DC=local", "password": get_password(), "domain_admin":"", "groups":"IT" }, ``` -------------------------------- ### Query Windows Security Event Logs with KQL Source: https://www.purplecloud.network/tools/sentinel This query retrieves all Windows Security event logs from the past 24 hours. It parses event data to extract details such as TargetUserName and SubjectUserName. ```kql Event | where TimeGenerated > ago(24h) | where EventLog == "Security" | extend EventDataXml = parse_xml(EventData).DataItem.EventData.Data | mv-expand bagexpansion=array EventDataXml | extend EventKey = tostring(EventDataXml['@Name']), EventValue = tostring(EventDataXml['#text']) | extend Username = iff(EventKey == "TargetUserName" or EventKey == "SubjectUserName", EventValue, "") | project TimeGenerated, Computer, EventID, RenderedDescription, Username, EventKey, EventValue | summarize EventDetails=make_bag(pack(EventKey, EventValue)), Username=any(Username) by TimeGenerated, Computer, EventID, RenderedDescription | order by TimeGenerated desc ``` -------------------------------- ### Run Azure Storage Lab Generator Source: https://www.purplecloud.network/tools/storage Execute the storage lab generator script with specified name and location. This command generates Terraform HCL files for storage and provider configurations. ```bash python3 storage.py -n -l ``` -------------------------------- ### Specify UPN Suffix Domain Source: https://www.purplecloud.network/tools/aadjoin Use the --upn parameter to specify the UPN suffix domain for the Azure AD join. This is a required parameter. ```bash --upn ``` -------------------------------- ### ADFS with Trusted CA Certificate Source: https://www.purplecloud.network/tools/adfs Deploys an ADFS server and DC, importing a trusted CA signed certificate. Specify the certificate file and password using --trusted_cert and --pfx_password, and set the AD domain with --ad_domain. ```python python3 adfs.py --trusted_cert adfs.pfx --pfx_password password --ad_domain rtcsecurity.net ``` -------------------------------- ### Query Azure Audit Logs with KQL Source: https://www.purplecloud.network/tools/sentinel Fetches Azure Audit logs from the past 7 days, including OperationName, TargetResources, InitiatedBy, and ResultReason. ```kql AuditLogs | where TimeGenerated >= ago(7d) | project TimeGenerated, OperationName, TargetResources, InitiatedBy, ResultReason | order by TimeGenerated desc ``` -------------------------------- ### Azure NSG Source IP Configuration Source: https://www.purplecloud.network/tools/ad Configures the source IP address for Azure Network Security Groups. It demonstrates how to dynamically fetch the public IP or use a hardcoded fallback. ```terraform locals { src_ip = chomp(data.http.firewall_allowed.response_body) #src_ip = "0.0.0.0/0" } ``` -------------------------------- ### Generate Lab with User Assigned Identity (Contributor Role) Source: https://www.purplecloud.network/tools/midentity Generates Terraform HCL for a managed identity lab with a user-assigned identity assigned the Contributor role on the subscription. ```python python3 managed_identity.py -u rtcfingroup.com -ua contributor ``` -------------------------------- ### Add Sysmon Channel in Log Analytics Agents Configuration Source: https://www.purplecloud.network/tools/adfs Configure the Log Analytics agent to collect Sysmon operational events. This is a required step for viewing Sysmon logs in Sentinel. ```text Microsoft-Windows-Sysmon/Operational ``` -------------------------------- ### Generate Lab with User Assigned Identity (Reader Role) Source: https://www.purplecloud.network/tools/midentity Generates Terraform HCL for a managed identity lab with a user-assigned identity assigned the Reader role on the subscription. ```python python3 managed_identity.py -u rtcfingroup.com -ua reader ``` -------------------------------- ### Configure VM Source IP for NSG Whitelisting Source: https://www.purplecloud.network/tools/midentity Defines the source IP address for whitelisting Azure Network Security Groups (NSGs). By default, it uses the public IP of the workstation running Terraform. It can be configured to allow all IP addresses or a specific IP. ```terraform # This is the src_ip for white listing Azure NSGs locals { src_ip = chomp(data.http.firewall_allowed.response_body) #src_ip = "0.0.0.0/0" } ``` -------------------------------- ### Terraform Configuration for Source IP Source: https://www.purplecloud.network/tools/aadjoin This Terraform configuration snippet defines a local variable 'src_ip' to capture the source IP address from an HTTP data source. It's used for network security group configurations. ```hcl locals { src_ip = chomp(data.http.firewall_allowed.response_body) #src_ip = "0.0.0.0/0" } ``` -------------------------------- ### Destroy Terraform Resources Source: https://www.purplecloud.network/install Use this command to destroy all resources managed by your Terraform configuration. Ensure you have reviewed the plan before execution. ```bash terraform destroy ``` -------------------------------- ### Configure Azure AD User Role Source: https://www.purplecloud.network/tools/midentity Defines the role for the Azure AD user. The default role is 'Virtual Machine Contributor', but it can be set to 'Contributor', 'Reader', or 'Owner'. ```terraform # The role scoped to subscription for AAD user # uncomment as needed variable "user_role" { default = "Virtual Machine Contributor" #default = "Contributor" #default = "Reader" #default = "Owner" } ``` -------------------------------- ### Generate Lab with User Assigned Identity (Owner Role) and System Assigned Identity Source: https://www.purplecloud.network/tools/midentity Generates Terraform HCL for a managed identity lab with a user-assigned identity assigned the Owner role and a system-assigned identity enabled for the VM. ```python python3 managed_identity.py -u rtcfingroup.com -n rtcfin -l eastus -a RTCAdmin -p MyPassword012345 -ua owner -sa ``` -------------------------------- ### Terraform Network Security Group Source IP Configuration Source: https://www.purplecloud.network/tools/sentinel Configures the source IP address for Azure Network Security Groups. Defaults to '0.0.0.0/0' for wide open access, but can be customized. ```terraform locals { #src_ip = chomp(data.http.firewall_allowed.response_body) src_ip = "0.0.0.0/0" } ``` -------------------------------- ### Assign Azure Role for Service Principal Source: https://www.purplecloud.network/install Assigns a specific role to a Service Principal for managing Azure resources. Replace `` with the Service Principal's object ID. ```bash az role assignment create --assignee-principal-type ServicePrincipal --assignee-object-id --scope "/providers/Microsoft.aadiam" --role b24988ac-6180-42a0-ab88-20f7382dd24c ``` -------------------------------- ### Assign Role to User Assigned Identity (UAI) Source: https://www.purplecloud.network/tools/midentity Assigns a role to a User Assigned Identity (UAI). The scope can be customized to a specific resource like a Key Vault or set to the subscription level. The default role is 'reader' on the subscription. ```terraform # Assign the reader role on the Key vault to the Managed Identity resource "azurerm_role_assignment" "uai" { #Scope to the key vault in line below #scope = azurerm_key_vault.example.id #Scope to the subscription in line below scope = data.azurerm_subscription.mi.id role_definition_name = "ROLE_DEFINITION_NAME" principal_id = azurerm_user_assigned_identity.uai.principal_id } ``` === COMPLETE CONTENT === This response contains all available snippets from this library. No additional content exists. Do not make further requests.