Public/Invoke-OriAzBopUseAzCredential.ps1
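<#
.SYNOPSIS
    Create a credential based on the token hidden in the profile when the user is connected to Azure.

.DESCRIPTION
    When
    - the proper modules for connecting to Azure are installed,
    - PowerShell is executed with a profile, and
    - a user with the proper rights is connected to Azure,
    the existing user token from the Azure profile can be used for the Oriflame PowerShell module repository.

    The returned object comes from Get-AzCredential, Get-AzureRmCredential or Get-AzureRmOldCredential
    (defined elsewhere in the module). Per the synopsis it is derived from the profile token, so callers
    should handle it like any other secret and keep it out of logs and transcripts.

.PARAMETER InstallModuleWhenRequired
    When the parameter is set and neither Az.Accounts nor AzureRm.Profile is installed, Az.Accounts will be installed.

.PARAMETER ConnectAzureWhenRequired
    When the parameter is set and Azure is not connected, a connection is initiated. Interaction may be required.

.PARAMETER ConnectAzureParam
    Hashtable splatted to Connect-AzAccount / Connect-AzureRmAccount when a connection has to be made.

.EXAMPLE
    # Silent login
    # "<Password>" is a placeholder: supply the secret at run time (Get-Credential, a secret store)
    # rather than keeping it in the script.
    $User = "xxx@xxxx.onmicrosoft.com"
    $PWord = ConvertTo-SecureString -String "<Password>" -AsPlainText -Force
    $tenant = "<tenant id>"
    $subscription = "<subscription id>"
    $Credential = New-Object -TypeName "System.Management.Automation.PSCredential" -ArgumentList $User,$PWord
    $ConnectAzureParam = @{
        Credential = $Credential
        Tenant = $tenant
        Subscription = $subscription
    }

    [PSCredential] $RepoCredential = Invoke-OriAzBopGetAzCredential `
        -InstallModuleWhenRequired `
        -ConnectAzureWhenRequired `
        -ConnectAzureParam $ConnectAzureParam

.EXAMPLE
    # When not logged in, it asks for credentials on classic PowerShell.
    # Note: On PowerShell Core it shows the URL and CODE for authentication via browser
    [PSCredential] $RepoCredential = Invoke-OriAzBopGetAzCredential `
        -InstallModuleWhenRequired `
        -ConnectAzureWhenRequired
#>
function Invoke-OriAzBopGetAzCredential {
    [CmdLetBinding()]
    [Outputtype("PSCredential")]
    param (
        [Parameter(Mandatory = $false, HelpMessage = "When the parameter is set and neither Az.Accounts nor AzureRm.Profile is installed, Az.Accounts will be installed.")]
        [switch] $InstallModuleWhenRequired,

        [Parameter(Mandatory = $false, HelpMessage = "When the parameter is set and Azure is not connnect it initate connection. Interaction may required.")]
        [switch] $ConnectAzureWhenRequired,

        [Parameter(Mandatory = $false, HelpMessage = "Parameters for Connect Azure if needed")]
        [Hashtable] $ConnectAzureParam = @{}
    )

    $ErrorActionPreference = 'Stop'
    Write-Verbose -Message ("[ START: {0}:{1} (v.{2}) ]" -f $Local:MyInvocation.MyCommand.Source, $Local:MyInvocation.MyCommand.Name, $Local:MyInvocation.MyCommand.Version)

    # Trace the bound parameters. The -f operator renders a Hashtable as its type name, so the
    # entries of -ConnectAzureParam (which may hold a PSCredential) are not written to the debug
    # stream. Keep it that way if this loop is ever extended.
    foreach ($arg in $PSBoundParameters.GetEnumerator()) {
        if ([string]::IsNullOrEmpty($arg.Value)) {
            Write-Debug -Message ("[null] {0}: {1}" -f $arg.Key, $arg.Value) -ErrorAction SilentlyContinue
        }
        else {
            Write-Debug -Message ("[{2}] {0}: {1}" -f $arg.Key, $arg.Value, $arg.Value.GetType().Name) -ErrorAction SilentlyContinue
        }
    }

    # Get-InstalledModuleForAzureToken (defined elsewhere) reports which Azure module family is
    # available; the values handled below are 'none', 'Az', 'Rm3' and 'RmOld'.
    $InstalledAzureConnect = Get-InstalledModuleForAzureToken

    if ($InstalledAzureConnect -eq 'none') {
        if ($InstallModuleWhenRequired) {
            # The module that ships Connect-AzAccount is named Az.Accounts (plural). The original
            # asked for 'Az.Account', which is not that module.
            # NOTE(review): -AllowClobber and -SkipPublisherCheck are handed to
            # Install-OriAzBopPrerequisite (defined elsewhere). If it forwards them to Install-Module,
            # the publisher signature check is skipped and only the exact module name and the
            # repository pin what gets installed. Confirm -SkipPublisherCheck is really needed.
            Write-Debug "Az.Accounts will be installed"
            Install-OriAzBopPrerequisite -Name Az.Accounts -AllowClobber -SkipPublisherCheck
            $InstalledAzureConnect = 'Az'
        }
        else {
            Throw "Neither module Az.Accounts nor AzureRm.Profile is installed. Use this command with switch 'Invoke-OriAzBopUseAzCredential -InstallModuleWhenRequired:`$true ... ' or 'Install-Module -Name Az.Accounts -Repository PSGallery'"
        }
    }

    # Ask the helper that matches the detected module family whether a session already exists.
    $IsAlreadyConnected = $false
    switch ($InstalledAzureConnect) {
        'Az' { $IsAlreadyConnected = Test-IsAzConnected; break }
        'Rm3' { $IsAlreadyConnected = Test-IsRmConnected; break }
        'RmOld' { $IsAlreadyConnected = Test-IsRmOldConnected; break }
    }

    if (!$IsAlreadyConnected) {
        if ($ConnectAzureWhenRequired) {
            # Connect output is discarded so it does not end up in this function's return value.
            switch ($InstalledAzureConnect) {
                'Az' { Connect-AzAccount @ConnectAzureParam | Out-Null; break }
                'Rm3' { Connect-AzureRmAccount @ConnectAzureParam | Out-Null; break }
                'RmOld' { Connect-AzureRmAccount @ConnectAzureParam | Out-Null; break }
            }
        }
        else {
            Throw "The Azure is not connected. Use this command with switch 'Invoke-OriAzBopUseAzCredential -ConnectAzureWhenRequired:`$true ... ' or use for Az.Accounts 'Connect-AzAccount' or use for AzureRM.Profile 'Connect-AzureRmAccount' "
        }
    }

    # Build the credential with the helper for the detected module family. If
    # $InstalledAzureConnect holds a value not listed here, $toReturn stays $null.
    $toReturn = $null
    switch ($InstalledAzureConnect) {
        'Az' { $toReturn = Get-AzCredential; break }
        'Rm3' { $toReturn = Get-AzureRmCredential; break }
        'RmOld' { $toReturn = Get-AzureRmOldCredential; break }
    }

    Write-Verbose -Message ("[ END: {0} ]" -f $Local:MyInvocation.MyCommand.Name)
    return $toReturn
}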