
Enterprise-grade Azure security compliance platform with 74+ controls covering Azure Security Benchmark, CIS benchmarks, and automated security assessments for cloud environments.


adrian207/Audit-Azure


🛡️ Audit-Azure

Enterprise-Grade Azure Security Compliance Platform



📖 About

Audit-Azure is a comprehensive, modular platform designed to audit Azure cloud environments for security compliance, operational best practices, and regulatory adherence. Built on FastAPI and powered by Azure SDK, it provides automated security assessments aligned with the Azure Security Benchmark and CIS Azure Foundations Benchmark.

Author: Adrian Johnson <adrian207@gmail.com>

🎯 Why Audit-Azure?

  • Comprehensive Coverage: 74+ security controls across all Azure Security Benchmark domains
  • Real-Time Auditing: Live evaluation of your Azure environment with instant findings
  • Evidence-Based: All findings backed by collected evidence and remediation guidance
  • Extensible Architecture: Plugin-based evaluator system for custom security checks
  • Production Ready: Enterprise-grade API with database persistence and web UI
  • Open Source: MIT licensed, community-driven development

✨ Features

🔍 Security Assessment

  • Multi-Domain Coverage: Identity, Network Security, Data Protection, Logging & Monitoring, Vulnerability Management
  • Azure Security Benchmark: Full implementation of Microsoft's security baseline (v3.0)
  • CIS Benchmarks: Compliance checking against CIS Azure Foundations
  • Secure Score Integration: Direct integration with Microsoft Defender for Cloud

🎨 User Experience

  • Modern Web UI: React-based dashboard for visualization and reporting
  • REST API: Full-featured FastAPI backend with OpenAPI documentation
  • Real-Time Updates: Live evaluation results and finding aggregation
  • Export Capabilities: JSON, CSV, and PDF report generation

🏗️ Architecture

  • Pluggable Evaluators: Python-based modular security checks
  • Evidence Collection: Automated Azure resource data gathering via Resource Graph
  • Database Persistence: SQLAlchemy ORM with SQLite/PostgreSQL support
  • Control Catalog: YAML-based control definitions and mappings
  • Remediation Scripts: PowerShell and Azure CLI automated fixes

🔐 Security Domains

| Domain | Controls | Description |
|---|---|---|
| Identity & Access Management (IM) | 12 | MFA, privileged access, service principals |
| Network Security (NS) | 11 | NSG rules, network segmentation, DDoS protection |
| Data Protection (DP) | 8 | Encryption, key management, data classification |
| Logging & Monitoring (LM) | 9 | Audit logs, security monitoring, alerting |
| Asset Management (AM) | 7 | Inventory, tagging, approved services |
| Posture & Vulnerability Management (PV) | 8 | Secure Score, vulnerability scanning, patching |
| Azure Policy (AP) | 10 | Policy compliance, governance, initiatives |
| Endpoint Security (ES) | 5 | EDR, antimalware, device compliance |
| Backup & Recovery (BR) | 4 | Backup policies, disaster recovery |

🚀 Quick Start

Prerequisites

Installation

Windows

# Clone the repository
git clone https://github.com/adrian207/Audit-Azure.git
cd Audit-Azure

# Run automated installer
.\install.bat

# Start the platform
.\run_all.bat

Linux/macOS

# Clone the repository
git clone https://github.com/adrian207/Audit-Azure.git
cd Audit-Azure

# Make scripts executable and install
chmod +x install.sh run_all.sh
sudo ./install.sh

# Start the platform
./run_all.sh

Docker Deployment

# Build and run with Docker Compose
docker-compose up -d

# Access the platform
# API: http://localhost:8000
# UI:  http://localhost:3000

Azure Authentication

Option 1: Azure CLI (Recommended for Development)

az login
az account set --subscription "Your-Subscription-Name"

Option 2: Service Principal (Recommended for Production)

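# Create a service principal with the read-only Reader role on one subscription
# The command prints appId, password and tenant; the password is shown only once
az ad sp create-for-rbac --name "AuditAzureSP" --role "Reader" --scopes /subscriptions/{subscription-id}

# Set environment variables
# (tenant -> AZURE_TENANT_ID, appId -> AZURE_CLIENT_ID, password -> AZURE_CLIENT_SECRET)
export AZURE_TENANT_ID="your-tenant-id"
export AZURE_CLIENT_ID="your-client-id"
export AZURE_CLIENT_SECRET="your-client-secret"
export AZURE_SUBSCRIPTION_ID="your-subscription-id"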
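
To confirm the audit identity stays read-only over time, the JSON printed by `az role assignment list --assignee <client-id> --all -o json` can be checked against the Reader-only setup above. This is an added example, not code from the Audit-Azure repository; the function name `check_audit_sp_roles`, the allowed-role set and the sample assignments are assumptions constructed for illustration.

```python
import json

ALLOWED_ROLES = {"Reader"}   # assumption: the audit identity needs Reader only

def check_audit_sp_roles(assignments_json, subscription_id):
    """Return a list of problems found in the principal's role assignments."""
    expected = f"/subscriptions/{subscription_id}".lower()
    problems, has_reader = [], False
    for a in json.loads(assignments_json):
        role = a.get("roleDefinitionName", "?")
        raw = a.get("scope", "")
        scope = raw.lower().rstrip("/")
        if role not in ALLOWED_ROLES:
            # Any write-capable or unknown role is privilege drift for an auditor.
            problems.append(f"unexpected role '{role}' at {raw}")
        elif scope == expected:
            has_reader = True
        elif not scope.startswith(expected + "/"):
            # Reader at a management group, root, or another subscription.
            problems.append(f"'{role}' granted outside the audited subscription: {raw}")
    if not has_reader:
        problems.append("no Reader assignment at the subscription scope")
    return problems

# Constructed sample data (placeholder subscription ID, not a real tenant).
SUB = "00000000-0000-0000-0000-000000000000"
SAMPLE_OK = json.dumps([
    {"roleDefinitionName": "Reader", "scope": f"/subscriptions/{SUB}"},
])
SAMPLE_DRIFT = json.dumps([
    {"roleDefinitionName": "Reader", "scope": f"/subscriptions/{SUB}"},
    {"roleDefinitionName": "Contributor",
     "scope": f"/subscriptions/{SUB}/resourceGroups/rg-demo"},
    {"roleDefinitionName": "Reader",
     "scope": "/providers/Microsoft.Management/managementGroups/mg-demo"},
])

if __name__ == "__main__":
    for label, data in (("ok", SAMPLE_OK), ("drift", SAMPLE_DRIFT)):
        print(label, check_audit_sp_roles(data, SUB))
```
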

First Audit

  1. Open Web UI: Navigate to http://localhost:3000
  2. Run Evaluation: Select a control (e.g., "IM-2: Require MFA") and click "Run Evaluation"
  3. View Findings: Review security findings with severity, affected resources, and remediation steps
  4. Export Report: Download findings as JSON/CSV/PDF

📚 Documentation

Comprehensive documentation is available in the docs/ directory:

| Document | Description |
|---|---|
| Getting Started | Step-by-step setup and first audit guide |
| API Reference | Complete REST API documentation |
| Design Document | Architecture and technical design |
| Setup Guide | Detailed installation and configuration |
| Evaluator Guide | Creating custom security evaluators |
| Control Catalog | Available security controls reference |
| User Guide | Platform usage and workflows |
| Test Strategy | Testing approach and coverage |
| Changelog | Release notes and version history |

API Documentation

Interactive API documentation is available when running the platform:


🏛️ Architecture

┌─────────────────────────────────────────────────────────────┐
│                         Web UI (React)                       │
│                     http://localhost:3000                    │
└──────────────────────────┬──────────────────────────────────┘
                           │ REST API
┌──────────────────────────▼──────────────────────────────────┐
│                   FastAPI Backend                            │
│                  http://localhost:8000                       │
│  ┌────────────┐  ┌────────────┐  ┌─────────────────────┐   │
│  │ Evidence   │  │ Evaluation │  │ Findings & Controls │   │
│  │ Collection │  │   Engine   │  │    Management       │   │
│  └────────────┘  └────────────┘  └─────────────────────┘   │
└──────────────────────────┬──────────────────────────────────┘
                           │
        ┌──────────────────┼──────────────────┐
        │                  │                  │
┌───────▼──────┐  ┌────────▼────────┐  ┌─────▼──────┐
│  Evaluators  │  │   Azure SDK     │  │  Database  │
│   (Python)   │  │   Integration   │  │ (SQLite/   │
│              │  │                 │  │ Postgres)  │
│ • Identity   │  │ • Resource      │  │            │
│ • Network    │  │   Graph API     │  │ • Evidence │
│ • Data Prot. │  │ • Management    │  │ • Findings │
│ • Logging    │  │   APIs          │  │ • Controls │
│ • VM/Compute │  │ • Defender      │  │            │
└──────────────┘  └─────────────────┘  └────────────┘

Key Components

  1. API Layer (api/): FastAPI REST endpoints for evidence, findings, controls, and evaluation
  2. Evaluators (evaluators/): Pluggable Python modules for domain-specific security checks
  3. Azure SDK (azure_sdk/): Azure service client wrappers and authentication
  4. Persistence (persistence/): SQLAlchemy models and database management
  5. Controls (controls/): YAML-based control catalog and ASB mappings
  6. UI (ui/): React-based web interface for visualization
  7. Scripts (scripts/): PowerShell remediation and data collection utilities
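
A sketch of the evidence-to-findings flow for a pluggable network-security check, as an added example rather than code from the Audit-Azure repository: it takes NSG records shaped like Azure resource JSON and returns findings carrying severity, affected resource and remediation. The names `evaluate_nsg_exposure`, `Finding`, `port_in_spec`, `sample_rule` and the control ID `NS-EXAMPLE` are hypothetical, and the sample evidence is constructed.

```python
from collections import namedtuple

CONTROL_ID = "NS-EXAMPLE"              # hypothetical ID, not from the project's catalog
MGMT_PORTS = {22: "SSH", 3389: "RDP"}
ANY_SOURCE = {"*", "0.0.0.0/0", "internet"}
Finding = namedtuple("Finding", "control_id severity resource_id rule detail remediation")

def port_in_spec(spec, port):
    """True if an NSG port spec ('*', '22', '3000-4000') includes the port."""
    if spec.strip() == "*":
        return True
    low, _, high = spec.strip().partition("-")
    return int(low) <= port <= int(high or low)

def evaluate_nsg_exposure(evidence):
    """Flag inbound Allow rules exposing management ports to any source.
    Each rule is judged alone: protocol and rule priority are not resolved."""
    findings = []
    for nsg in evidence:
        for rule in nsg.get("properties", {}).get("securityRules", []):
            p = rule.get("properties", {})
            if p.get("access") != "Allow" or p.get("direction") != "Inbound":
                continue
            sources = [p.get("sourceAddressPrefix")] + (p.get("sourceAddressPrefixes") or [])
            if not any(s and s.lower() in ANY_SOURCE for s in sources):
                continue
            specs = [p.get("destinationPortRange")] + (p.get("destinationPortRanges") or [])
            for port, name in MGMT_PORTS.items():
                if any(s and port_in_spec(s, port) for s in specs):
                    findings.append(Finding(
                        CONTROL_ID, "High", nsg["id"], rule["name"],
                        f"{name} ({port}) reachable from any source",
                        "Restrict the source prefix or remove the rule"))
    return findings

def sample_rule(name, access, source, **ports):   # builds one constructed rule
    return {"name": name, "properties": {"access": access, "direction": "Inbound",
                                         "sourceAddressPrefix": source, **ports}}

# Constructed evidence shaped like an NSG record; not real tenant data.
SAMPLE = [{"id": "/subscriptions/<sub-id>/resourceGroups/rg-demo/providers/"
                 "Microsoft.Network/networkSecurityGroups/nsg-demo",
           "properties": {"securityRules": [
               sample_rule("allow-ssh-any", "Allow", "*", destinationPortRange="22"),
               sample_rule("allow-range-internet", "Allow", "Internet",
                           destinationPortRanges=["80", "3000-4000"]),
               sample_rule("allow-ssh-corp", "Allow", "10.0.0.0/8", destinationPortRange="22"),
               sample_rule("deny-rdp-any", "Deny", "*", destinationPortRange="3389")]}}]
```

Because priority is not resolved, a rule shadowed by a higher-priority Deny is still reported; the port range `3000-4000` in the sample shows why ranges have to be expanded rather than matched as strings.
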

🛠️ Development

Project Structure

Audit-Azure/
├── api/                    # FastAPI application
│   ├── main.py            # API entry point
│   ├── security.py        # Authentication & authorization
│   └── schemas/           # Pydantic models
├── evaluators/            # Security check modules
│   ├── identity.py        # Identity & access management
│   ├── network_security.py # Network security controls
│   ├── data_protection.py  # Data protection checks
│   └── ...
├── azure_sdk/             # Azure API integrations
│   ├── auth.py            # Azure authentication
│   ├── resource_graph.py  # Resource Graph queries
│   └── ...
├── persistence/           # Database layer
│   ├── models.py          # SQLAlchemy models
│   └── db.py              # Database configuration
├── controls/              # Control definitions
│   ├── asb_controls.py    # Azure Security Benchmark
│   └── starter_catalog.yaml
├── ui/                    # React web interface
├── scripts/               # Automation scripts
├── tests/                 # Test suite
└── docs/                  # Documentation

Running Tests

# Install development dependencies
pip install -e ".[dev]"

# Run all tests
pytest

# Run with coverage
pytest --cov=. --cov-report=html

# Run specific test file
pytest tests/test_evaluators.py

Local Development

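# Backend only (from the repository root)
# --host 0.0.0.0 listens on every network interface; use --host 127.0.0.1
# to keep the development server reachable from this machine only
cd api
uvicorn main:app --reload --host 0.0.0.0 --port 8000

# Frontend only (from the repository root)
cd ui
npm start

# Database migrations
alembic upgrade head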

🤝 Contributing

We welcome contributions from the community! Here's how you can help:

Ways to Contribute

  • 🐛 Report Bugs: Open an issue with detailed reproduction steps
  • 💡 Suggest Features: Share your ideas for new capabilities
  • 📝 Improve Documentation: Help make docs clearer and more comprehensive
  • 🔧 Submit Pull Requests: Fix bugs or implement new features
  • 🎨 Enhance UI/UX: Improve the web interface design

Contribution Guidelines

  1. Fork the repository and create a feature branch

    git checkout -b feature/your-feature-name
  2. Make your changes following the coding standards

    • Use Black for Python code formatting
    • Follow PEP 8 guidelines
    • Add tests for new functionality
    • Update documentation as needed
  3. Test your changes

    pytest
    black . --check
    flake8 .
  4. Commit with clear messages following the Minto Pyramid Principle

    git commit -m "Add: Brief description of feature
    
    Detailed explanation of changes and motivation."
  5. Push and create a Pull Request

    git push origin feature/your-feature-name

Development Setup

# Clone your fork
git clone https://github.com/YOUR_USERNAME/Audit-Azure.git
cd Audit-Azure

# Install in development mode
pip install -e ".[dev]"
# The subshell keeps the working directory at the repository root
(cd ui && npm install)

# Run in development mode
./run_all.sh  # or run_all.bat on Windows

Adding New Evaluators

See EVALUATOR_GUIDE.md for detailed instructions on creating custom security evaluators.


📊 Roadmap

Version 1.1 (Q1 2026)

  • Multi-tenant support
  • RBAC and authentication
  • Advanced filtering and search
  • Scheduled audits and automation
  • Email notifications for critical findings

Version 1.2 (Q2 2026)

  • Azure Government Cloud support
  • Compliance frameworks (HIPAA, PCI-DSS, SOC 2)
  • Custom control definitions via UI
  • Integration with SIEM platforms
  • API rate limiting and caching improvements

Version 2.0 (Q3 2026)

  • Machine learning for anomaly detection
  • Predictive security scoring
  • AWS and GCP support
  • Enterprise features (SSO, advanced reporting)

📄 License

This project is licensed under the MIT License - see the LICENSE file for details.

MIT License

Copyright (c) 2025 Adrian Johnson

Permission is hereby granted, free of charge, to any person obtaining a copy
of this software and associated documentation files (the "Software"), to deal
in the Software without restriction, including without limitation the rights
to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
copies of the Software, and to permit persons to whom the Software is
furnished to do so, subject to the following conditions:

The above copyright notice and this permission notice shall be included in all
copies or substantial portions of the Software.

🙏 Acknowledgments

  • Microsoft Azure - For comprehensive SDK and documentation
  • FastAPI - Modern, high-performance web framework
  • Azure Security Benchmark - Security baseline and control framework
  • CIS Benchmarks - Independent security configuration standards
  • Open Source Community - For invaluable tools and contributions

📞 Support & Contact

Getting Help

Reporting Security Vulnerabilities

[Inference] If you discover a security vulnerability, please email adrian207@gmail.com directly rather than opening a public issue. We take security seriously and will respond promptly.


📈 Project Status


Active Development - This project is actively maintained and accepting contributions.


⭐ If you find this project useful, please consider giving it a star! ⭐

Made with ❤️ by Adrian Johnson
