MVP - noelbundick/config-analyzer GitHub Wiki

The goal of the project is to prototype a tool that can

• examine an Azure configuration
• identify potential issues, starting with items related to Azure + VNETs
• generate a report such that operators can improve their infrastructure

---

P0

• Read the details for VNETs and resources that are currently deployed in an Azure subscription / resource group
• Identify known potential issues

P1

• Read the details for VNETs and resources that are defined in an ARM template or Terraform configuration
• When possible, propose specific code changes and/or provide documentation links for issues found

Future

• New configuration issues can be identified without the need to change code, recompile, or redownload the entire application

---

• CI via GitHub Actions
  • Test framework TBD
  • CLI framework TBD
• CLI app written in TypeScript
• Connect to the Azure REST API and pull down a list of resources via the JS SDK
• Define rules that represent a potential configuration issue
  • First rule: Storage account w/ private endpoint, but the public endpoint is still enabled
• Parse the resources and determine if any of them match our rules