Service principle are non-interactive Azure accounts. Applications use Azure services should always have restricted permissions. Azure offers Service principals allow applications to login with restricted permission Instead having full privilege in non-interactive way.
Using Service Principal we can control which resources can be accessed.
For Security reason, it’s always recommended to use service principal with automated tools rather than allowing them to log in with user identity
Create a Service Principal with PowerShell.
Note: For this demo we are using Azure RM PowerShell module. Azure has introduced new PowerShell module called AZ. Create AD App
This service principal is valid for one year from the created date and it has Contributor Role assigned. Further using this Service principal application can access resource under given subscription. We can scope to resources as we wish by passing resource id as a parameter for Scope.
View created AD app in Portal
1. Log in Portal
Go to Azure Active Direcoty -> App Registrations
We can find the created app as below
Once we click the app we will see app details as below
We need this information when we need to login through Service principal
In some cases, we need to run some script in administrator mode.
Sometimes we face a situation where we want to know whether the script is running on Administrator mode.
Following script says whether PowerShell script is running on Administrator mode or not.
$elevated = [bool](([System.Security.Principal.WindowsIdentity]::GetCurrent()).groups -match "S-1-5-32-544")
if($elevated -eq $false)
{
throw "In order to install services, please run this script elevated."
}
else {
Write-Host "You are in Administrator mode"
}
In some cases we need to call POST REST API using Powershell.
Let’s go through sample code to get to know how it is done using Powershell.
In this Article we will go through below topics.
Create sample Web API
Invoke Web API in Powershell
Create Sample Web API
Create ASP.NET Core Web Application
Select API option
Once project created we can see default values controller as below
We need our API to accept some Data. So we will create Modal class for that
Create Modals Folder
Create SampleData class under Modals Folder
Add Sample properties to the class. I created Value1 and Value2 as string type.
Implement API method in ValuesController as below.
[Route(“TestMethod”)]
[HttpPost]
public ActionResult TestMethod(SampleData data)
{
// Do what ever with Data
var authKey = Request.Headers[“AuthKey”];return Ok();
}
Invoke Web API in Powershell
Open Powershell ISE and write following codes to invoke REST API.