AzAPICall

You want to have an easy way to interact with the Microsoft Azure API endpoints without getting headache of taking care of valid bearer token and error handling?

Table of content

• AzAPICall
  • Table of content
  • AzAPICall example
    • Get & Set AzAPICall PowerShell module
    • Initialize AzAPICall
    • How to use AzAPICall ?!
      • Example for Microsoft Graph
      • Example for Azure Resource Manager
  • Public functions
  • Supported endpoints
  • General Parameters
  • AzAPICall Parameters
  • Good to know
    • Don´t accept the defaults
    • AzAPICall Tracking
  • Runtime environment
    • Azure DevOps
  • Prerequisites
    • Powershell Modules
  • Contribute

AzAPICall example

Get & Set AzAPICall PowerShell module

Install-Module -Name AzAPICall
#Import-Module -Name AzAPICall

Connect to Azure

Connect-AzAccount

Initialize AzAPICall

$parameters4AzAPICallModule = @{
    #SubscriptionId4AzContext = $null #specify Subscription Id #[string]
    #TenantId4AzContext = $null #specify Tenant Id #[string]
    #DebugAzAPICall = $true #[bool]
    #WriteMethod = 'Output' #Debug, Error, Host, Information, Output, Progress, Verbose, Warning (default: host) #[string]
    #DebugWriteMethod = 'Warning' #Debug, Error, Host, Information, Output, Progress, Verbose, Warning (default: host) #[string]
    #SkipAzContextSubscriptionValidation = $true #Only use in case you do not have any valid (quotaId != AAD_* & state != disabled) subscriptions in your tenant OR you do not have any permissions on Azure Resources (Management Groups, Subscriptions, Resource Groups, Resources) and but want to connect non-ARM API endpoints such as Microsoft Graph etc. #[bool]
    #AzAPICallCustomRuleSet = $object #wip #[object]
}
$azAPICallConf = initAzAPICall @parameters4AzAPICallModule

How to use AzAPICall ?

Example for Microsoft Graph

Get AAD Groups:

AzAPICall -uri "$($azAPICallConf['azAPIEndpointUrls'].MicrosoftGraph)/v1.0/groups" -AzAPICallConfiguration $azAPICallConf

confused by '$($azAPICallConf['azAPIEndpointUrls'].MicrosoftGraph)'? It´s basically a reference to the correct endpoint (think public cloud, sovereign clouds). You can of course also hardcode the endpoint URI:

AzAPICall -uri "https://graph.microsoft.com/v1.0/groups" -AzAPICallConfiguration $azAPICallConf

Example for Azure Resource Manager

List Azure Subscriptions (expect multiple results):

AzAPICall -uri "$($azAPICallConf['azAPIEndpointUrls'].ARM)/subscriptions?api-version=2020-01-01" -AzAPICallConfiguration $azAPICallConf

Get Azure Subscription (expect one result):

AzAPICall -uri "$($azAPICallConf['azAPIEndpointUrls'].ARM)/subscriptions/$($subscriptionId)?api-version=2020-01-01" -AzAPICallConfiguration $azAPICallConf -listenOn Content

AzAPICallExample.ps1

Public functions

• initAzAPICall

• AzAPICall

• getAzAPICallFunctions

• getAzAPICallRuleSet

• createBearerToken

createBearerToken example:

$azAPICallConf = initAzAPICall
createBearerToken -AzAPICallConfiguration $azapicallconf -targetEndPoint 'Storage'
Write-Host 'here is the token:' $azAPICallConf['htBearerAccessToken'].Storage

Supported endpoints

| Endpoint | Endpoint URL (AzureCloud) | Variable | | ------------------------------------------------------------------------------------------------------------------------ | ------------------------------------------------------------------------------------------------------------ | ----------------------------------------------------------------------------------------------------------- | | Microsoft Graph | https://graph.microsoft.com | $azAPICallConf['azAPIEndpointUrls'].MicrosoftGraph | | ARM (Azure Resource Management) | https://management.azure.com<br>(or regional: https://westus.management.azure.com) | $azAPICallConf['azAPIEndpointUrls'].ARM<br>(or regional: $azAPICallConf['azAPIEndpointUrls'].ARMwestus) | | Azure Key Vault | https://vault.azure.net | $azAPICallConf['azAPIEndpointUrls'].KeyVault | | Log Analytics | https://api.loganalytics.io/v1 | $azAPICallConf['azAPIEndpointUrls'].LogAnalytics | | Storage (blob) | https://<storageAccountName>.blob.core.windows.net / https://<storageAccountName>.blob.storage.azure.net | https://storageAccountName.blob.core.windows.net / https://storageAccountName.blob.storage.azure.net | | Monitor (ingest) | https://<dce-endpoint>.ingest.monitor.azure.com | https://dceEndpoint$($azAPICallConf['azAPIEndpointUrls'].MonitorIngest) |

Add a new endpoint -> setAzureEnvironment.ps1

General Parameters

Parameters that can be used with the initAzAPICall cmdlet

Example: Initialize AzAPICall

| Field | Type | Description | Required | | ----------------------------------- | :------: | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | :------: | | DebugAzAPICall | bool | Set to true to enable debug output | | | SubscriptionId4AzContext | string | Specify if specific subscription should be used for the AzContext (Subscription Id / GUID) | | | TenantId4AzContext | string | Specify Tenant be used for the AzContext (Tenant Id / GUID) | | | WriteMethod | string | Write method. Debug, Error, Host, Information, Output, Progress, Verbose, Warning (default: host) | | | DebugWriteMethod | string | Write method in case of wanted or enforced debug. Debug, Error, Host, Information, Output, Pr