Saturday, February 17, 2024

Powershell script to check B2B guest account invitation state in bulk

 # Install AzureAD module if not already installed

Install-Module -Name AzureAD -Force -Scope CurrentUser

# Import required modules

Import-Module AzureAD

# Read emails from Excel sheet

$emails = Import-Excel -Path "emails.xlsx" | Select-Object -ExpandProperty Email

# Connect to Azure AD

Connect-AzureAD

# Iterate through emails and check user existence and account status

foreach ($email in $emails) {

    $user = Get-AzureADUser -Filter "mail eq '$email'"

    if ($user) {

        Write-Host "User with email $email exists. Account Enabled: $($user.AccountEnabled) with invitation status: $($user.UserState)"

    } else {

        Write-Host "User with email $email does not exist."

    }

}


Tuesday, January 16, 2024

How to schedule Azure APIM instance backup

In this article we will go through high level steps to take backup of Azure APIM instance to a storage account.

There are couple of ways to configure a regular backup of the Azure APIM instances. In this instance, we will configure Azure APIM backup using Logic Apps.

Before we proceed make sure below services are are already created

1. Azure APIM instance

2. Azure Storage account

3. Container in Azure Storage account

Let's see what it takes to configure a scheduled Azure APIM instance backup on a daily basis

1. Create a Logic App and navigate to Logic App designer tab

2. Add Recurrence step and set interval to what ever you would like to run the backups.

3. Add next step with HTTP POST method and use below URL and replace the place holders as per your environment

https://management.azure.com/subscriptions/<<Subscription ID>>/resourceGroups/<<Resource Group Name>>/providers/Microsoft.ApiManagement/service/<<APIM Instance Name>>/backup?api-version=2021-08-01"

then add below payload in the by replacing the values per your environment

{

"accessKey": "<<Storage Account Access Key>>",
"backupName":"<<Provide the backup name you would like to create with and append the name with date or  current timestamp to make the backup name unique>>",

"containerName":"<<Container Name from the storage account>>"

"storageAccount":"<<Azure Storage account name>>"

}

4. Save the Logic App.

5. Now, Enabled the System assigned Identity for the logic app

6. Navigate to Azure APIM instance >> Access Control(IAM) tab

7. Click on Add role Assignment then select "API Management Service Contributor" role and click Next

8. Select the "Managed Identity" and select "Select Members"

9. Select the Azure Logic App create above and click on "Review and assign"

10. Back to Azure Logic App and click on "Run" to test the Logic app for Azure APIM backup.

Note that backup will take around 30 min to complete.


Thanks

Saturday, December 16, 2023

Check the assigned policies to Application in Azure AD through powershell


  • Install the required Azure AD preview module

Install-Module AzureADPreview

  • Connect to Azure AD with valid credentials -
Connect-AzureAD
  • Obtain the application Object ID

 Get-AzureADServicePrincipal -Filter "DisplayName eq '<<APPLICATION_NAME>>'"

  • Take the ObjectId from the above command result

Get-AzureADServicePrincipalPolicy -id  <<OBJECT ID from the above command>>

  •  Get the policy details

  Get-AzureADPolicy -Id <<ObjectIdOfthe Policy>> |select *