Menu

Virtual Geek

Tales from real IT system administrators world and non-production environment

PowerShell create resources on Azure using Rest API with user account

Using client id (Service Principal) and client secret to connect Azure Rest API is fairly easy and simple. As I have shown in my earlier articles. I am using another way of using your organization Username of Password to connect to azure Rest API instead of client id and client secret. You generate a OAuth2 token to connect Azure Rest API. To retrieve this oauth2 token, I am using az PowerShell module. (First I need to connect from PowerShell az module to Azure Infrastructure with Connect-AzAccount and grab the token from Get-AzAccessToken command). 

Next I am using the token in the headers parameters of Invoke-RestMethod to fetch the list information of subscriptions and resource groups. Token generated comes with expiry time. The lifetime of the OAuth 2.0 bearer token and ID tokens. The default is 60 minutes (1 hour). To get the information of Rest API and how to use them you can follow the document https://learn.microsoft.com/en-us/rest/api/resources/resource-groups/list?view=rest-resources-2021-04-01

For access to my earlier article blog check out Azure Rest API connect with PowerShell and create resources

Microsoft Azure rest api cloud powershell invoke-webrequest restmethod Get-AzAccessToken bearer token connect-azaccount import-module az.png

Download this script PowerShellAzModuleAzureRestAPI.ps1 here or it is also available on github.com.

 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
# Install the Az PowerShell module if not already installed
#Install-Module -Name Az

# Import the Az PowerShell module
Import-Module -Name Az

# Set your Azure credentials
# $username = '[email protected]'
# $password = ' '| ConvertTo-SecureString -AsPlainText -Force
# $cred = New-Object System.Management.Automation.PSCredential ($username, $password)

# Login to Azure
Connect-AzAccount #-Credential $cred

# Get the access token
$token = Get-AzAccessToken

# Use the access token to authenticate your Azure REST API requests
$headers = @{
  "Authorization" = "Bearer $($token.Token)"
  "Content-Type" = "application/json"
}

# List subscriptions using Azure REST API request
$url = "https://management.azure.com/subscriptions?api-version=2021-04-01"
$response = Invoke-RestMethod -Uri $url -Method Get -Headers $headers
$response.value

# List Resource Groups using Azure REST API request
$subscription = Get-AzSubscription -SubscriptionName 'Sponsership-by-Microsoft'

$url = "https://management.azure.com/subscriptions/$($subscription.Id)/resourcegroups?api-version=2021-04-01"
$response = Invoke-RestMethod -Uri $url -Method Get -Headers $headers
$response.value

Useful Articles
Powershell Azure Inventory GUI Utility
Create and manage Azure budgets
Connect-AzAccount The 'Connect-AzAccount' command was found in the module 'Az.Accounts', but the module could not be loaded
Microsoft Azure Rest API using PowerShell
Microsoft Azure Rest API using PowerShell Part 2
How to switch to other Azure AD tenant using PowerShell and Azure CLI
Creating a new user in Azure AD using oneliner PowerShell and Azure CLI
Connect-AzureAD: One or more errors occurred. Could not load type 'System.Security.Cryptography.SHA256Cng'
Create a Azure Virtual Network with Subnet using PowerShell
Azure add create a Subnet to existing Virtual Network using PowerShell
Remove Azure Virtual Network Subnet using PowerShell

Go Back

Comment

Blog Search

Page Views

12086061

Follow me on Blogarama