Skip to main content

Posts

Showing posts from November, 2018

Playing around with Azure REST API

There is always a moment when PowerShell, Azure CLI or ARM Template are not enough. Then you can use REST Azure API to automate some or all the task in Azure. In this article, we are going to do a REST call towards an Azure API using powershell script. For this, we should have a Service Principal to get an access token (via Oauth2 Client Credentials Grant ) for our API. Refer this to learn how to create & use Service Principal: Authenticating using a Service Principal We will call Azure Rest API to get all the resources from Resource Group: Resources - List By Resource Group Powershell script to call Azure Rest API Fill the parameters & run the below command to retrieve Azure resources: # ----------------- define variables ----------------- $client_id ="<<Application ID>>" $tenant_id= "<<Directory ID" $client_secret="<<Client secret>>" $subscriptionId="<<Subscription ID>>" $Resource

Authenticating using a Service Principal

Azure service principal is a security identity created within Azure Active Directory & it is used by user-created apps, services, and automation tools to access specific Azure resources. You can assign permissions to the service principal that are different than your own Azure account permissions. Creating a Service Principal Create an Application in Azure Active Directory which will create an associated Service Principal. Go to Application & you will need to take note of the "Application ID ( client_id )" and the "Directory (tenant) ID( tenant_id ) . Then, click on Certificates & Secrets from left navigation bar. Click on New client secret then fill the description & select expiry year. Once the Client Secret has been generated it will be displayed on screen.This is only displayed once so be sure to copy it now (otherwise you will need to regenerate a new secret). This value is the client_secret you will need. Assign Role to Service Principal