Skip to content

Instantly share code, notes, and snippets.

@dstreefkerk
Created March 27, 2024 00:55
Show Gist options
  • Save dstreefkerk/ffb233ce57585818f3887b63b6310188 to your computer and use it in GitHub Desktop.
Save dstreefkerk/ffb233ce57585818f3887b63b6310188 to your computer and use it in GitHub Desktop.
List conditional access policies via PowerShell, including if they apply to MS Admin Portals (CIS Azure Foundations 1.2.7)
# First, connect to Microsoft Graph
Connect-MgGraph -Scopes "Policy.Read.All", "Directory.Read.All"
# Retrieve all Conditional Access policies
$policies = Get-MgIdentityConditionalAccessPolicy
# Iterate through each policy
foreach ($policy in $policies) {
[pscustomobject]@{
ID = $policy.Id
Name = $policy.DisplayName
CreatedAt = $policy.CreatedDateTime
State = $policy.State
AdminPortals = $policy.Conditions.Applications.IncludeApplications -contains "MicrosoftAdminPortals"
}
}
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment