PowerShell can be used as a REST client to access Azure REST API's. To access Azure REST methods, you will need to have access to subscription with Azure AD App Registration. If you haven't done Azure AD App registration. You can follow this article here. Make sure you capture client secret key after app is registered. Once you have tenant id, client id, client secret, and subscription id you can proceed forward with below instructions.
To make life easier, I have checked in my PowerShell code to Github. Feel free to download them and modify it to your needs.
In this tutorial, I will go over how to get resource groups from Azure REST API. One of the basic CRUD operation, I will perform.
Create a file called Get-AzureResourceGroup.ps1. Let's create required variables. Make sure to fill in required variables from your Azure subscription.
Variables
# Variables
$TenantId = "" # Enter Tenant Id.
$ClientId = "" # Enter Client Id.
$ClientSecret = "" # Enter Client Secret.
$Resource = "https://management.core.windows.net/"
$SubscriptionId = "" # Enter Subscription Id.
Once you have updated above required values. Let's make a first REST call to get access token.
We will use below URL to make a REST call to get access token.
POST https://login.microsoftonline.com/{tenantId}/oauth2/token
Request Access Token
Add following code to your PowerShell script after variables.
$RequestAccessTokenUri = "https://login.microsoftonline.com/$TenantId/oauth2/token"
$body = "grant_type=client_credentials&client_id=$ClientId&client_secret=$ClientSecret&resource=$Resource"
$Token = Invoke-RestMethod -Method Post -Uri $RequestAccessTokenUri -Body $body -ContentType 'application/x-www-form-urlencoded'
Write-Host "Print Token" -ForegroundColor Green
Write-Output $Token
After you have retrieved the access token, we will use that to authorize to Azure REST methods.
Get Resource groups
To retrieve all resource groups in Azure. We will use below URL.
GET https://management.azure.com/subscriptions/{subscriptionId}/resourcegroups?api-version=2017-05-10
Enter below code to Get-AzureResourceGroup.ps1.
# Get Azure Resource Groups
$ResourceGroupApiUri = "https://management.azure.com/subscriptions/$SubscriptionId/resourcegroups?api-version=2017-05-10"
$Headers = @{}
$Headers.Add("Authorization","$($Token.token_type) "+ " " + "$($Token.access_token)")
$ResourceGroups = Invoke-RestMethod -Method Get -Uri $ResourceGroupApiUri -Headers $Headers
Write-Host "Print Resource groups" -ForegroundColor Green
Write-Output $ResourceGroups
The above line of code should return all the resource group from an Azure subscription.
Below is the full script and output.
# Variables
$TenantId = "" # Enter Tenant Id.
$ClientId = "" # Enter Client Id.
$ClientSecret = "" # Enter Client Secret.
$Resource = "https://management.core.windows.net/"
$SubscriptionId = "" # Enter Subscription Id.
$RequestAccessTokenUri = "https://login.microsoftonline.com/$TenantId/oauth2/token"
$body = "grant_type=client_credentials&client_id=$ClientId&client_secret=$ClientSecret&resource=$Resource"
$Token = Invoke-RestMethod -Method Post -Uri $RequestAccessTokenUri -Body $body -ContentType 'application/x-www-form-urlencoded'
Write-Host "Print Token" -ForegroundColor Green
Write-Output $Token
# Get Azure Resource Groups
$ResourceGroupApiUri = "https://management.azure.com/subscriptions/$SubscriptionId
