Getting Azure Defender Security Scores into JSON

This is kinda simple but I keep needing to come back to it...

#!/usr/bin/env bash
set -euo pipefail

# Usage:
#   ./export-azure-security.sh [SUBSCRIPTION_ID] [OUTPUT_DIR]
#
# Examples:
#   ./export-azure-security.sh
#   ./export-azure-security.sh 00000000-0000-0000-0000-000000000000 security-export

SUBSCRIPTION_ID="${1-}"
OUT_DIR="${2:-azure-security-export}"

mkdir -p "$OUT_DIR"

# Build subscription argument if provided
SUB_ARG=()
if [[ -n "${SUBSCRIPTION_ID}" ]]; then
  SUB_ARG=(--subscription "$SUBSCRIPTION_ID")
fi

echo "Exporting Azure security dashboard data to '$OUT_DIR'..."

echo "1/4 Secure scores..."
az security secure-scores list \
  "${SUB_ARG[@]}" \
  --output json > "$OUT_DIR/secure-scores.json"

echo "2/4 Security assessments (recommendations)..."
az security assessment list \
  "${SUB_ARG[@]}" \
  --output json > "$OUT_DIR/security-assessments.json"

echo "3/4 Security alerts..."
az security alert list \
  "${SUB_ARG[@]}" \
  --output json > "$OUT_DIR/security-alerts.json"

echo "4/4 Regulatory compliance (standards and controls)..."
az security regulatory-compliance-standards list \
  "${SUB_ARG[@]}" \
  --output json > "$OUT_DIR/regulatory-standards.json"

az security regulatory-compliance-controls list \
  "${SUB_ARG[@]}" \
  --output json > "$OUT_DIR/regulatory-controls.json"

echo "Done."
echo "Files created in: $OUT_DIR"
ls -1 "$OUT_DIR"