AZSBTools.psm1

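function New-SBAZServicePrincipal {
<#
 .SYNOPSIS
  Function to create Azure AD Service Principal
 
 .DESCRIPTION
  Function to create Azure AD Service Principal
  The use case intended for this function is to use the Service Principal to run PowerShell scripts against an Azure subscription

  For each name the function looks up an Azure AD application by display name and creates it when it is missing,
  then looks up the service principal for that application and creates it when it is missing, using the password
  returned by Get-SBCredential. An existing service principal is returned as-is: its credential is neither
  verified nor rotated, so the stored credential may not match what Azure AD holds.

  Application display names are not unique in a tenant. A name that matches more than one application is
  reported and skipped rather than guessed at; binding a service principal to an application registered by
  someone else would hand that application's owner whatever role the service principal is later granted.

  The function assigns no RBAC role to the service principal.
 
 .PARAMETER ServicePrincipalName
  One or more Service Principal Names
 
 .PARAMETER Environment
  Name of the Azure cloud. As of 15 March 2018 that list is:
    AzureGermanCloud
    AzureCloud
    AzureUSGovernment
    AzureChinaCloud
    To see an updated list, use:
        (Get-AzureRMEnvironment).Name
 
 .EXAMPLE
  $SPList = New-SBAZServicePrincipal -ServicePrincipalName samtest1,sam1demo
 
 .OUTPUTS
  The function returns a Microsoft.Azure.Graph.RBAC.Version1_6.ActiveDirectory.PSADServicePrincipal object for each input Service Principal Name
  Names that are ambiguous (several applications share the display name) or whose application could not be created produce no output object
 
 .LINK
  https://superwidgets.wordpress.com/
 
 .NOTES
  Function by Sam Boutros
  v0.1 - 14 March 2018
  v0.2 - 15 March 2018 - Added 'Environment' parameter
  v0.3 - Refuse to bind to an ambiguous application display name; skip a name whose application could not be created
 
#>


    [CmdletBinding(ConfirmImpact='Low')] 
    Param(
        [Parameter(Mandatory=$true)][String[]]$ServicePrincipalName,
        [Parameter(Mandatory=$false)][ValidateSet('AzureCloud','AzureUSGovernment','AzureGermanCloud','AzureChinaCloud')][String]$Environment = 'AzureCloud'
    )

    Begin { 
        # Interactive sign-in; the returned object carries the context (subscription, account, environment) read below
        $Subscription = Connect-AzureRmAccount -Environment $Environment  
    }

    Process {
        
        if (-not $Subscription.Context.Subscription.Name) {
            Write-Log 'No subscriptions found for account',$Subscription.Context.Account.Id,'in the',$Subscription.Context.Environment.Name,'cloud' Magenta,Yellow,Magenta,Yellow,Magenta
            return
        }

        Write-Log 'Identified',$Subscription.Context.Subscription.Name,'subscription in the',$Subscription.Context.Environment.Name,'cloud' Green,Cyan,Green,Cyan,Green

        $SPList = foreach ($AppName in $ServicePrincipalName) {

            # Credential whose password becomes the service principal's secret - used only when the SP is created below.
            # NOTE(review): Get-SBCredential is defined elsewhere in the module; where it reads or stores the secret is not visible here.
            $AppCred = Get-SBCredential -UserName $AppName
        
            #region Create/Validate Azure AD App
            # Display names are not unique; bind only to an unambiguous match, never to "one of several".
            # (With several matches the original code also broke: $App.ApplicationId.Guid became an array.)
            $AppMatches = @(Get-AzureRmADApplication -DisplayName $AppName)
            if ($AppMatches.Count -gt 1) {
                Write-Log 'Skipping',$AppName,'- display name matches',"$($AppMatches.Count) applications; bind by ApplicationId instead" Magenta,Yellow,Magenta,Yellow
                continue
            }

            if ($AppMatches.Count -eq 1) {
                $App = $AppMatches[0]
                Write-Log 'Validated app:',$App.DisplayName Green,Cyan 
            } else {
                # NOTE(review): IdentifierUris is set to the bare name, as in the original; confirm your tenant accepts that value.
                $App = New-AzureRmADApplication -DisplayName $AppName -IdentifierUris $AppName
                if (-not $App) {
                    # Non-terminating failure from New-AzureRmADApplication; do not go on to create an SP against a null ApplicationId
                    Write-Log 'Failed to create app:',$AppName Magenta,Yellow
                    continue
                }
                Write-Log 'Created app:',$App.DisplayName Green,Cyan 
            }            
            #endregion

            #region Create/Validate Azure AD Service Principal
            # Matches on ApplicationId, which is unique, so this lookup cannot be spoofed by a name collision.
            # NOTE(review): enumerates every service principal in the tenant; slow on large tenants.
            $AppId = $App.ApplicationId.Guid
            $ServicePrincipal = Get-AzureRmADServicePrincipal | Where-Object { $PSItem.ApplicationId -eq $AppId }
            if ($ServicePrincipal) {
                Write-Log 'Validated Service Principal:',($ServicePrincipal.ServicePrincipalNames -join ', ') Green,Cyan 
            } else {
                $ServicePrincipal = New-AzureRmADServicePrincipal -ApplicationId $AppId -Password $AppCred.Password
                Write-Log 'Created Service Principal:',($ServicePrincipal.ServicePrincipalNames -join ', ') Green,Cyan 
            }            
            #endregion
        
            $ServicePrincipal

        }

    }

    End {
        $SPList
    }
}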


Export-ModuleMember -Function * -Variable *