Martin Ehrnst ehrnst
ehrnst
/ New-AADAppDemo.ps1
Created
April 9, 2018 11:51
Create Azure Active Directory application with powershell and set reader permission on subscription
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <# | |
| .SYNOPSIS | |
| Creates an azure ad application and sets reader permissions on subscription | |
| .NOTES | |
| Script is provided as an example, it has no error handeling and is not production ready. App name and permissions is hard coded. | |
| #> | |
| param( | |
| [Parameter(Mandatory)] |
ehrnst
/ postEventGridDemo1.ps1
Last active
August 3, 2018 15:32
Send custom events to azure event grid from powershell
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <# | |
| .Synopsis | |
| Example code on how to post messages to a custom event grid topic | |
| .Notes | |
| part of a blog article on https://adatum.no | |
| #> | |
| $eventDate = get-date -Format s # get the date and time for the event. Has to be sortable for event grid to accept. Pass as a string | |
| $eagSASkey = "HCDs7UFipbBXZ0OPc+mM=2" # access key. |
ehrnst
/ event-grid-function-test.ps1
Last active
August 3, 2018 15:22
azure function return event grid validation event
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # POST method: $req | |
| $requestBody = Get-Content $req -Raw | ConvertFrom-Json | |
| ## validate event grid as described in https://docs.microsoft.com/en-us/azure/event-grid/security-authentication | |
| # check event type and return a Json object with the correct validation response | |
| if ($requestBody.eventType -eq "Microsoft.EventGrid.SubscriptionValidationEvent") { | |
| $code = $requestBody.data.validationCode | |
| $content = @{ validationResponse = $code } | |
| $message = convertto-json -compress -InputObject ([ordered]@{ | |
| body = $content |
ehrnst
/ Azure-graph-partnerCenter-examples.ps1
Last active
November 9, 2023 14:11
CSP Secure app model with Powershell
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Connect to partner center via refresh token | |
| # Considering the refresh token is stored securely. We will have to get a new access token. | |
| $clientId = {multi tenant app id} | |
| $secret = {multi tnant app secret} | |
| $partnerAccessTokenUri = "https://login.windows.net/$partnerTenant/oauth2/token" | |
| $params = @{ | |
| resource = "https://api.partnercenter.microsoft.com"; | |
| grant_type = "refresh_token"; |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| { | |
| "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", | |
| "contentVersion": "1.0.0.0", | |
| "parameters": { | |
| "webAppName": { | |
| "type": "string", | |
| "metadata": { | |
| "description": "Base name of the resource such as web app name and app service plan " | |
| }, | |
| "minLength": 2 |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| { | |
| "$schema": "https://schema.management.azure.com/schemas/2018-05-01/subscriptionDeploymentTemplate.json#", | |
| "contentVersion": "1.0.0.1", | |
| "parameters": { | |
| "rgName": { | |
| "type": "string", | |
| "defaultValue": "ehrnst-demo-function-rg" | |
| }, | |
| "rgLocation": { | |
| "type": "string", |
ehrnst
/ auhtenticateandquery.ps1
Created
March 28, 2019 20:40
Azure AD authentication against azure functions using a custom app.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # getting a token from login.microsoft.com | |
| # scope here is my custom app ID which has a custom application role defined. | |
| $tenantID = "tenant.onmicrosoft.com" | |
| $myCustomAPPID = "customAppWithID/.default" | |
| $ClientID = 'your client id' | |
| $ClientKey = 'your client key' | |
| $params = @{ | |
| scope = $myCustomAPPID; | |
| grant_type = 'client_credentials'; | |
| client_id = $ClientId; |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| trigger: | |
| - master | |
| variables: | |
| # Agent VM image name | |
| vmImageName: 'windows-2019' | |
| # service connection (azure) | |
| azureServiceConnection: '{{ azServiceConnection }}' |
ehrnst
/ acknowledge-alerts.ps1
Last active
February 24, 2020 19:08
Retrieving data from Azure Monitor REST api with powershell: https://adatum.no/?p=6096
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # alert handeling | |
| # updating alert status | |
| # get alerts | |
| $alerts = Invoke-RestMethod -Method Get -Uri "https://management.azure.com/subscriptions/$subscriptionId/providers/Microsoft.AlertsManagement/alerts?api-version=2018-05-05" -Headers $headers | |
| # fore every alert I have. get it's ID and acknowledge it. | |
| # pay attention to the method is now POST (one can debate if this should be a PUT) | |
| foreach ($alert in $alerts.value) { |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <!-- | |
| IMPORTANT: | |
| - Policy elements can appear only within the <inbound>, <outbound>, <backend> section elements. | |
| - To apply a policy to the incoming request (before it is forwarded to the backend service), place a corresponding policy element within the <inbound> section element. | |
| - To apply a policy to the outgoing response (before it is sent back to the caller), place a corresponding policy element within the <outbound> section element. | |
| - To add a policy, place the cursor at the desired insertion point and select a policy from the sidebar. | |
| - To remove a policy, delete the corresponding policy statement from the policy document. | |
| - Position the <base> element within a section element to inherit all policies from the corresponding section element in the enclosing scope. | |
| - Remove the <base> element to prevent inheriting policies from the corresponding section element in the enclosing scope. | |
| - Policies are applied in the order of their appearance, from the top down. |