v0.2.0 release (#24)

* v0.2.0 release

.gitattributes

@@ -0,0 +1 @@
+**/*.psd1  diff

.github/workflows/run_opa_tests.yaml

@@ -2,6 +2,7 @@ name: Run OPA Tests
 on:
   # Run tests on each commit, newly opened/reopened PR, and
   # PR review submission (e.g. approval)
+  workflow_dispatch:
   push:
     paths:
       - "**.rego"
@@ -30,4 +31,4 @@ jobs:
       run: opa check --strict Rego Testing
 
     - name: Run OPA Tests
-      run: opa test Rego/*.rego Testing/**/*.rego -v
+      run: opa test Rego/*.rego Testing/Unit/Rego/**/*.rego -v

.gitignore

@@ -14,4 +14,15 @@
 /output
 /example
 /M365Baseline*
-/Reports*
+/Reports*
+/utils/Reports*
+/utils/output
+/utils/M365Baseline*
+
+# IDE
+/.vscode
+
+# Reports
+**/M365BaselineConformance*
+/Testing/Functional/Reports*
+/Testing/Functional/Archive*

AllowBasicAuthentication.ps1

@@ -1,29 +1,57 @@
 #Requires -RunAsAdministrator
 
-# Run this script to enable basic authentication on your local desktop if you get an error when connecting to Exchange Online.
-# See README file Troubleshooting section for details.
-#
-# This script requires administrative privileges on your local desktop and updates a registry key.
-#
-$regPath = 'Registry::HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WinRM\Client'
-$regKey = 'AllowBasic'
+<#
+    .SYNOPSIS
+        Set Registry to allow basic authentication for WinRM Client
+
+    .DESCRIPTION
+        Run this script to enable basic authentication on your local desktop if you get an error when connecting to Exchange Online.
+
+    .NOTES
+        See README file Troubleshooting section for details.
+        This script requires administrative privileges on your local desktop and updates a registry key.
+#>
+
+function Test-RegistryKey {
+    <#
+        .SYNOPSIS
+            Test if registry key exists
+    #>
+    param (
+        [parameter (Mandatory = $true)]
+        [ValidateNotNullOrEmpty()]$Path,
+        [parameter (Mandatory = $true)]
+        [ValidateNotNullOrEmpty()]$Key
+    )
 
-if (Test-Path -LiteralPath $regPath){
     try {
-        $allowBasic = Get-ItemPropertyValue -Path $regPath -Name $regKey -ErrorAction Stop
-    }
-    catch [System.Management.Automation.PSArgumentException]{
-        Write-Error -Message "Key, $regKey, was not found"
+        Get-ItemProperty -Path $Path -Name $Key -ErrorAction Stop | Out-Null
+        return $true
     }
-    catch{
-        Write-Error -Message "Unexpected error occured attempting to get registry key, $regKey."
+    catch {
+        return $false
     }
+}
 
-    if ($allowBasic -ne '1'){
+$regPath = 'Registry::HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WinRM\Client'
+$regKey = 'AllowBasic'
+
+if (-Not $(Test-Path -LiteralPath $regPath)) {
+    New-Item -Path $regPath -Force | Out-Null
+    New-ItemProperty -Path $regPath -Name $regKey | Out-Null
+} elseif (-Not $(Test-RegistryKey -Path $regPath -Key $regKey)) {
+    New-ItemProperty -Path $regPath -Name $regKey | Out-Null
+}
+
+try {
+    $allowBasic = Get-ItemPropertyValue -Path $regPath -Name $regKey -ErrorAction Stop
+
+    if ($allowBasic -ne '1') {
         Set-ItemProperty -Path $regPath -Name $regKey -Type DWord -Value '1'
     }
 }
-else {
-    Write-Error -Message "Registry path not found: $regPath"
+catch {
+    Write-Error -Message "Unexpected error occured attempting to update registry key, $regKey."
 }
 
+

PowerShell/ScubaGear/Dependencies.ps1

@@ -0,0 +1,41 @@
+#Requires -Version 5.1
+<#
+    .SYNOPSIS
+        This script verifies the required Powershell modules used by the
+        assessment tool are installed.
+    .DESCRIPTION
+        Verifies a supported version of the modules required to support SCuBAGear are installed.
+#>
+
+$RequiredModulesPath = Join-Path -Path $PSScriptRoot -ChildPath "RequiredVersions.ps1"
+if (Test-Path -Path $RequiredModulesPath){
+  . $RequiredModulesPath
+}
+
+if (!$ModuleList){
+   throw "Required modules list is required."
+}
+
+foreach ($Module in $ModuleList) {
+    $InstalledModuleVersions = Get-Module -ListAvailable -Name $($Module.ModuleName)
+    $FoundAcceptableVersion = $false
+
+    foreach ($ModuleVersion in $InstalledModuleVersions){
+
+        if (($ModuleVersion.Version -ge $Module.ModuleVersion) -and ($ModuleVersion.Version -le $Module.MaximumVersion)){
+            $FoundAcceptableVersion = $true
+            break;
+        }
+    }
+
+    if (-not $FoundAcceptableVersion) {
+        throw [System.IO.FileNotFoundException] "No acceptable installed version found for module: $($Module.ModuleName)
+        Required Min Version: $($Module.ModuleVersion) | Max Version: $($Module.MaximumVersion)
+        Run Get-InstalledModule to see a list of currently installed modules
+        Run SetUp.ps1 or Install-Module $($Module.ModuleName) -force to install the latest version of $($Module.ModuleName)"
+    }
+}
+
+
+
+

PowerShell/ScubaGear/Modules/Connection/ConnectHelpers.psm1

@@ -0,0 +1,33 @@
+function Connect-EXOHelper {
+    <#
+    .Description
+    This function is used for assisting in connecting to different M365 Environments for EXO.
+    .Functionality
+    Internal
+    #>
+    [CmdletBinding()]
+    param(
+        [Parameter(Mandatory = $true)]
+        [ValidateSet("commercial", "gcc", "gcchigh", "dod", IgnoreCase = $false)]
+        [string]
+        $M365Environment
+    )
+    switch ($M365Environment) {
+        {($_ -eq "commercial") -or ($_ -eq "gcc")} {
+            Connect-ExchangeOnline -ShowBanner:$false -ErrorAction "Stop" | Out-Null
+        }
+        "gcchigh" {
+            Connect-ExchangeOnline -ShowBanner:$false -ExchangeEnvironmentName "O365USGovGCCHigh" -ErrorAction "Stop" | Out-Null
+        }
+        "dod" {
+            Connect-ExchangeOnline -ShowBanner:$false -ExchangeEnvironmentName "O365USGovDoD" -ErrorAction "Stop" | Out-Null
+        }
+        default {
+            throw "Unsupported or invalid M365Environment argument"
+        }
+    }
+}
+
+Export-ModuleMember -Function @(
+    'Connect-EXOHelper'
+)