Using Azure DevOps to track changes to Network Security Groups in Azure
I wanted an easy way to keep track of changes made to our NSGs in Azure and through a combination of a few offerings in Azure I settled on what I feel is a pretty good solution. The runbook is on a schedule to run every day and performs the following: Get the current configuration of the Network Security Group (NSG) Push the current configuration of the NSG to a DevOps repository Compare the current configuration against the previous configuration If there are any changes, send an email Resources needed: Azure Automation Runbook Azure DevOps license (Basic Plan for access to use Repos) Powershell Azure Keyvault (for storing the DevOps API key) Runbook code: