List conditional access policies via PowerShell, including if they apply to MS Admin Portals (CIS Azure Foundations 1.2.7)

gistfile1.txt

# First, connect to Microsoft Graph
Connect-MgGraph -Scopes "Policy.Read.All", "Directory.Read.All"

# Retrieve all Conditional Access policies
$policies = Get-MgIdentityConditionalAccessPolicy

# Iterate through each policy
foreach ($policy in $policies) {
    [pscustomobject]@{
        ID = $policy.Id
        Name = $policy.DisplayName
        CreatedAt = $policy.CreatedDateTime
        State = $policy.State
        AdminPortals = $policy.Conditions.Applications.IncludeApplications -contains "MicrosoftAdminPortals"
    }
}