Sunday, August 29, 2021

<# 

  

.SYNOPSIS 

  

This script can be called from a runbook and uses Azure REST methods for resource related helper cmdlets. 

This module shows how to query whether a resource can be provisioned with zone redundancy, using the Provider API and client-secret-based authentication. 

#https://docs.microsoft.com/en-us/azure/active-directory/develop/v2-oauth2-client-creds-grant-flow 

#Please refer to the module members exported from this library for details. 

#> 

  

  

  

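function Get-Payload() {
    # Builds the application/x-www-form-urlencoded body for an OAuth2
    # client-credentials token request.
    #
    # ClientId     - application (client) id of the service principal.
    # ClientSecret - client secret; it is embedded in the returned string, so the
    #                result must not be logged or written to runbook output.
    # Resource     - audience the token is requested for.
    #
    # Returns the encoded form body as a single string.
param (
    [Parameter(Mandatory=$true)][string]$ClientId,
    [Parameter(Mandatory=$true)][string]$ClientSecret,
    [string]$Resource = "https://management.core.windows.net/"
)
    # Every value is percent-encoded, not only the secret: an unescaped '&' or '='
    # in any field would otherwise inject or truncate form parameters.
    # [System.Uri]::EscapeDataString is used so the function does not depend on the
    # System.Web assembly being loaded in the session.
    $Fields = @(
        "grant_type=client_credentials",
        "client_id=$([System.Uri]::EscapeDataString($ClientId))",
        "client_secret=$([System.Uri]::EscapeDataString($ClientSecret))",
        "resource=$([System.Uri]::EscapeDataString($Resource))"
    )
    $Payload = $Fields -join "&"
    return $Payload
}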

  

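function Get-Token(){
    # Requests an access token with the OAuth2 client-credentials grant.
    #
    # TenantId              - directory (tenant) id; used to build the default token endpoint.
    # ClientId              - application (client) id of the service principal.
    # ClientSecret          - client secret. It is a plain [string] parameter, so it can
    #                         surface in transcripts and command history.
    #                         NOTE(review): consider sourcing it from a credential store or
    #                         an encrypted Automation variable - confirm against the caller.
    # Resource              - audience the token is requested for.
    # RequestAccessTokenUri - token endpoint. The default is the v1 endpoint
    #                         (/oauth2/token with a 'resource' field), not the v2.0 endpoint.
    #
    # Returns the deserialized token response from Invoke-RestMethod.
param (
    [Parameter(Mandatory=$true)][string]$TenantId,
    [Parameter(Mandatory=$true)][string]$ClientId,
    [Parameter(Mandatory=$true)][string]$ClientSecret,
    [string]$Resource = "https://management.core.windows.net/",
     [string]$RequestAccessTokenUri = "https://login.microsoftonline.com/$TenantId/oauth2/token"
)
    # The client secret is POSTed to this URI, so refuse anything that is not an
    # absolute https endpoint rather than sending the credential in clear text.
    $TokenUri = $null
    if (-not ([System.Uri]::TryCreate($RequestAccessTokenUri, [System.UriKind]::Absolute, [ref]$TokenUri)) -or ($TokenUri.Scheme -ne 'https')) {
        throw "RequestAccessTokenUri must be an absolute https URI."
    }

    # Pass -Resource through: the original call dropped it, so a caller-supplied
    # audience was silently replaced by Get-Payload's default.
    $Payload = Get-Payload -ClientId $ClientId -ClientSecret $ClientSecret -Resource $Resource
    $Token = Invoke-RestMethod -Method Post -Uri $RequestAccessTokenUri -body $Payload -ContentType 'application/x-www-form-urlencoded'
    return $Token
}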

<# 

  

.DESCRIPTION 

This returns true if the provider type and location supports availability zones. 

  

.PARAMETER subscriptionId 

The Azure subscription in which the resource group must be found. 

  

.PARAMETER location 

The location where the provider type must be looked up. 

  

#> 

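function Get-AzReadyByProviderAndLocation() {
    # Queries the resource provider metadata of a subscription and returns $true when
    # the given provider resource type lists at least one availability zone for the
    # given location; returns $false otherwise (including unsupported providers and
    # failed lookups).
    #
    # Authentication: when ClientId, ClientSecret or TenantId is empty, the current
    # Az session is used (Connect-AzAccount / Get-AzAccessToken); otherwise a token is
    # requested with the client-credentials grant through Get-Token.
    #
    # ResourceAccountWithType, ResourceType, ResourceName, ResourceGroupName and
    # resourceId are accepted but not read by this function; they are kept so
    # existing callers continue to bind.
    [CmdletBinding(SupportsShouldProcess)]
    param (
        [Parameter(Mandatory=$true, HelpMessage="The subscription with which to lookup if availability zones exist.")][string]$SubscriptionId,
        [Parameter(Mandatory=$true, HelpMessage="For example: West US 2")][string]$Location,
        [Parameter(Mandatory=$true, HelpMessage="For example: Microsoft.Cache")][string]$Provider,
        [Parameter(Mandatory=$true, HelpMessage="For example: Redis")][string]$ProviderType,
        [string]$ResourceAccountWithType = "$($Provider)/$($ProviderType)",
        [string]$TenantId = "",
        [string]$ResourceType = "redisCache",
        [string]$ResourceName = "",
        [string]$ResourceGroupName = "",
        [string]$resourceId = "/subscriptions/$($SubscriptionId)/resourceGroups/$($ResourceGroupName)/providers/$($ResourceAccountWithType)/$($ResourceName)",
        [string]$ClientId = $null,
        [string]$ClientSecret = $null,
        [string]$Resource = "https://management.core.windows.net/",
        [string]$RequestAccessTokenUri = "https://login.microsoftonline.com/$TenantId/oauth2/token",
        [string]$EnvironmentName = "azurecloud",
        [string]$ApiVersion="2020-06-01"
    )

    $Output = $False

    # [string] parameters coerce $null to "", so these comparisons also cover the
    # $null defaults of ClientId and ClientSecret.
    if (($ClientId -eq "") -or ($ClientSecret -eq "") -or ($TenantId -eq "")) {
        Connect-AzAccount -Environment $EnvironmentName  | Out-Null
        Set-AzContext -subscriptionId ($SubscriptionId) | Out-Null
        # NOTE(review): newer Az.Accounts releases may return Token as a SecureString
        # rather than plain text - confirm against the installed module version.
        $Token = $(Get-AzAccessToken)
        $TokenType = ($Token.Type)
        $TokenStr = ($Token.Token)
    } else {
        $Token = Get-Token $TenantId $ClientId $ClientSecret $Resource $RequestAccessTokenUri
        $TokenType = ($Token.token_type)
        $TokenStr = ($Token.access_token)
    }

    # Only these provider namespaces are queried; anything else is rejected before a
    # request carrying the bearer token is made.
    $SupportedProviders = @(
        "Microsoft.Cache",
        "Microsoft.Compute",
        "Microsoft.Network",
        "Microsoft.Storage",
        "Microsoft.Kusto",
        "Microsoft.ApiManagement",
        "Microsoft.DBforMySQL",
        "Microsoft.DBforPostgreSQL",
        "Microsoft.HDInsight"
    )

    if ($Provider -notin $SupportedProviders) {
        Write-Host "Unsupported Provider."
        return $Output
    }

    # SubscriptionId and ApiVersion are caller-supplied; escape them so they cannot
    # alter the path or query of the request that carries the bearer token.
    # $Provider needs no escaping because it matched the allow-list above.
    $SubscriptionSegment = [System.Uri]::EscapeDataString($SubscriptionId)
    $ApiUri = "https://management.azure.com/subscriptions/$SubscriptionSegment/providers/$($Provider)?api-version=$([System.Uri]::EscapeDataString($ApiVersion))"

    # Exactly one space between scheme and token (the original concatenation emitted two).
    $Headers = @{ "Authorization" = "$TokenType $TokenStr" }

    $azReadiness = Invoke-RestMethod -Method Get -Uri $ApiUri -Headers $Headers -ErrorVariable errMsg -ErrorAction SilentlyContinue

    if ($errMsg -and ($errMsg.Count -gt 0)) {
        # The service rejects an unknown api-version with a message listing the
        # supported ones; pick the first listed version and retry once.
        # A real foreach loop is used because 'break' inside ForEach-Object is not
        # scoped to the pipeline and would abort the calling function or script.
        $first = $null
        foreach ($err in $errMsg) {
            $versionMatch = [regex]::Match("$err", "The supported versions are '([\d-]+),")
            if ($versionMatch.Success) {
                $first = $versionMatch.Groups[1].Value
                break
            }
        }

        if ($first) {
            $ApiVersion = $first
            # "$($Provider)?" is required: "$Provider?" parses as a variable named 'Provider?'.
            $ApiUri = "https://management.azure.com/subscriptions/$SubscriptionSegment/providers/$($Provider)?api-version=$ApiVersion"
            $azReadiness = Invoke-RestMethod -Method Get -Uri $ApiUri -Headers $Headers -ErrorAction Stop
        } else {
            # Surface authentication/authorization and other failures so a failed
            # lookup is not mistaken for "no availability zones".
            Write-Warning "Provider lookup failed: $($errMsg[0])"
        }
    }

    if ($null -eq $azReadiness) {
        return $Output
    }

    $azReadinessForResource = $azReadiness.resourceTypes | Where-Object -filterscript { (($_.resourceType -eq $ProviderType) -and ($_.locations -contains $Location) -and ($_.zoneMappings.location -eq $Location)) }

    if ($null -ne $azReadinessForResource) {
        $zm = $azReadinessForResource.ZoneMappings | Where-Object -filterScript {($_.location -eq $Location)}
        if ($null -ne $zm) {
            $Output = ($zm.zones.length -gt 0)
        }
    }

    return $Output
}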

  

# Public surface of the module: Get-Payload stays private because only these two
# functions are exported.
Export-ModuleMember -Function Get-Token, Get-AzReadyByProviderAndLocation

 

 
