Created November 18, 2019 21:51
This PowerShell script uses the Azure Az module to output a list of all Azure AD apps along with their expiration date, display name, credential type (PasswordCredentials or KeyCredentials), start date, and key ID. Useful for finding the apps that are expiring so you can take action (renew).
```powershell
# Requires the Az PowerShell module (the script uses Az cmdlets, not the AzureAD module)
# Prompts the user to log in with Azure credentials
Connect-AzAccount

# Set the page size to suit your tenant.
$pgsize = 100
$pg = 0
$cnt = $null
$results = @()

# Note: the property names used below (ObjectId, ApplicationId, EndDate, StartDate)
# are those of the Az module release this script was written against in 2019.
# Az.Resources releases built on Microsoft Graph expose Id, AppId, EndDateTime
# and StartDateTime instead.
do {
    # Fetch one page of app registrations
    $apps = Get-AzADApplication -First $pgsize -Skip ($pg * $pgsize)
    $cnt = $apps | Measure-Object
    if ($cnt.Count -gt 0)
    {
        Write-Output "Page: $pg; Found $($cnt.Count) apps"
        $apps | ForEach-Object {
            $app = $_
            #$owner = Get-AzADApplicationOwner -ObjectId $_.ObjectID -Top 1
            # Returns credential metadata (type, dates, key id) for the app
            $appCred = Get-AzADAppCredential -ObjectId $app.ObjectId
            $appCred | ForEach-Object {
                $results += [PSCustomObject] @{
                    CredentialType = $_.Type;
                    DisplayName = $app.DisplayName;
                    ExpiryDate = $_.EndDate;
                    StartDate = $_.StartDate;
                    KeyID = $_.KeyId;
                    AppId = $app.ApplicationId;
                    ObjectId = $app.ObjectId;
                    #Owners = $owner.UserPrincipalName;
                }
            }
        }
    }
    $pg += 1
} while ($cnt.Count -gt 0)

$results | Format-Table -AutoSize

# Optionally export to a CSV file
#$results | Export-Csv -Path "AppsInventory.csv" -NoTypeInformation
```
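To turn the inventory into a renewal worklist, the rows can be classified by how long each credential has left. The following is an added example, not part of the original gist: `Get-ExpiringCredential`, its parameters and the sample rows are hypothetical and constructed, and the rows are assumed to have the same shape as the `$results` objects built by the script.

```powershell
# Added example: flag expired and soon-to-expire credentials in the inventory.
# Get-ExpiringCredential is a hypothetical helper, not an Az cmdlet.
function Get-ExpiringCredential {
    [CmdletBinding()]
    param(
        # One inventory row, shaped like the $results objects in the script
        [Parameter(Mandatory, ValueFromPipeline)]
        [psobject] $Credential,
        # Credentials with this many days left (or fewer) are flagged
        [int] $WarningDays = 30,
        # Reference time; injectable so the logic can be exercised offline
        [datetime] $Now = (Get-Date)
    )
    process {
        # A row with no expiry date is skipped rather than reported as expired
        if (-not $Credential.ExpiryDate) { return }
        $span = ([datetime] $Credential.ExpiryDate) - $Now
        $daysLeft = [int] [math]::Floor($span.TotalDays)
        $status = if ($daysLeft -lt 0) { 'Expired' } elseif ($daysLeft -le $WarningDays) { 'ExpiringSoon' } else { 'Valid' }
        if ($status -ne 'Valid') {
            [PSCustomObject] @{
                Status         = $status
                DaysLeft       = $daysLeft
                DisplayName    = $Credential.DisplayName
                CredentialType = $Credential.CredentialType
                KeyID          = $Credential.KeyID
                AppId          = $Credential.AppId
                ExpiryDate     = $Credential.ExpiryDate
            }
        }
    }
}

# Constructed sample rows (placeholder names and GUIDs, not real tenant data)
$sample = @(
    [PSCustomObject] @{ DisplayName = 'sample-app-a'; CredentialType = 'Password'; KeyID = '00000000-0000-0000-0000-00000000000a'; AppId = '11111111-1111-1111-1111-11111111111a'; ExpiryDate = [datetime] '2019-10-01' }
    [PSCustomObject] @{ DisplayName = 'sample-app-b'; CredentialType = 'AsymmetricX509Cert'; KeyID = '00000000-0000-0000-0000-00000000000b'; AppId = '11111111-1111-1111-1111-11111111111b'; ExpiryDate = [datetime] '2019-12-05' }
    [PSCustomObject] @{ DisplayName = 'sample-app-c'; CredentialType = 'Password'; KeyID = '00000000-0000-0000-0000-00000000000c'; AppId = '11111111-1111-1111-1111-11111111111c'; ExpiryDate = [datetime] '2021-01-01' }
    [PSCustomObject] @{ DisplayName = 'sample-app-d'; CredentialType = 'Password'; KeyID = '00000000-0000-0000-0000-00000000000d'; AppId = '11111111-1111-1111-1111-11111111111d'; ExpiryDate = $null }
)

# Most urgent first; with real data, pipe $results in and omit -Now
$sample |
    Get-ExpiringCredential -WarningDays 30 -Now ([datetime] '2019-11-18') |
    Sort-Object DaysLeft |
    Format-Table -AutoSize
```

Because one app can hold several credentials, an expired row does not by itself mean the app is broken; check whether another credential with the same `AppId` is still valid before renewing.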
This is a good article, which further corroborates my experience that Az PowerShell Module feels incomplete when working with Azure AD.
https://nedinthecloud.com/2019/07/16/demystifying-azure-ad-service-principals/