function Get-AzureCostAnalysis {
    [CmdletBinding()]
    param(
        [Parameter(Mandatory=$true)]
        [string[]]$SubscriptionIds,
        [datetime]$StartDate = (Get-Date).AddDays(-30)
    )

    $report = [PSCustomObject]@{
        Timestamp = Get-Date -Format 'yyyy-MM-dd HH:mm:ss'
        ResourceAnalysis = @()
        CostRecommendations = @()
    }

    foreach ($subId in $SubscriptionIds) {
        Set-AzContext -SubscriptionId $subId | Out-Null
        
        # 获取资源消耗数据
        $resources = Get-AzResource | Where-Object {
            $_.ResourceType -notin @('Microsoft.Resources/deployments','Microsoft.Resources/subscriptions') 
        }

        $resourceGroups = $resources | Group-Object ResourceGroupName
        foreach ($rg in $resourceGroups) {
            $costData = Get-AzConsumptionUsageDetail -StartDate $StartDate -EndDate (Get-Date) -ResourceGroup $rg.Name
            
            $report.ResourceAnalysis += [PSCustomObject]@{
                Subscription = $subId
                ResourceGroup = $rg.Name
                TotalCost = ($costData | Measure-Object PretaxCost -Sum).Sum
                UnderutilizedVMs = $rg.Group.Where{ $_.ResourceType -eq 'Microsoft.Compute/virtualMachines' }.Count
            }
        }
    }

    # 生成优化建议
    $report.ResourceAnalysis | ForEach-Object {
        if ($_.UnderutilizedVMs -gt 5) {
            $report.CostRecommendations += [PSCustomObject]@{
                Recommendation = "调整资源组 $($_.ResourceGroup) 中未充分利用的VM规模"
                PotentialSavings = "预计节省 $([math]::Round($_.TotalCost * 0.3)) 美元"
            }
        }
    }

    $report | Export-Excel -Path "$env:TEMP/AzureCostReport_$(Get-Date -Format yyyyMMdd).xlsx"
    return $report
}

function Invoke-ServerlessHealthCheck {
    [CmdletBinding()]
    param(
        [Parameter(Mandatory=$true)]
        [string]$ResourceGroup
    )

    # 获取函数应用运行环境信息
    $context = Get-AzContext
    $functions = Get-AzFunctionApp -ResourceGroupName $ResourceGroup

    $report = [PSCustomObject]@{
        Timestamp = Get-Date -Format 'yyyy-MM-dd HH:mm:ss'
        FunctionApps = @()
        SecurityFindings = @()
    }

    # 检查TLS版本配置
    $functions | ForEach-Object {
        $config = Get-AzFunctionAppSetting -Name $_.Name -ResourceGroupName $ResourceGroup
        
        $appReport = [PSCustomObject]@{
            AppName = $_.Name
            RuntimeVersion = $_.Config.NetFrameworkVersion
            HTTPSOnly = $_.Config.HttpsOnly
            MinTLSVersion = $config['minTlsVersion']
        }
        $report.FunctionApps += $appReport

        if ($appReport.MinTLSVersion -lt '1.2') {
            $report.SecurityFindings += [PSCustomObject]@{
                Severity = 'High'
                Description = "函数应用 $($_.Name) 使用不安全的TLS版本: $($appReport.MinTLSVersion)"
                Recommendation = '在应用设置中将minTlsVersion更新为1.2'
            }
        }
    }

    # 生成安全报告
    $report | Export-Clixml -Path "$env:TEMP/ServerlessSecurityReport_$(Get-Date -Format yyyyMMdd).xml"
    return $report
}