
Scheduling and automation

Open horgasz2023 opened this issue 1 year ago • 3 comments

Hello,

I was searching head and heels for a solution for how I could automate running the script, and so far could not find any solution. Using a registered app with application secret authentication and triggering manually works like a charm, with or without an associated Azure subscription for the Entra ID tenant. I was thinking about:

- Option 1 - have a dedicated VM and configure it as a scheduled task -- could not solve the security part with app + application secret
- Option 2 - Azure Automation with PowerShell workflow - could not solve the authentication part

So maybe someone could enlighten me how I can make the authentication secure + run the script on a scheduled basis in an automated way?

horgasz2023, Jun 19 '24 05:06

Hey there @horgasz2023, the solution is directly here in the repo - running it in Azure DevOps or GitHub. In case you cannot use these, you could add a managed identity to your VM / no secret required.

JulianHayward, Jun 19 '24 14:06

Can you provide some details on how a managed identity scenario could replace the app secret authentication? Unfortunately I did not get the point: if I assign a managed identity to a VM, how could this identity authenticate to the registered app? Is there a guide on how this could be configured?

horgasz2023, Jun 21 '24 13:06

a good learning objective I guess :) good luck!

JulianHayward, Jun 21 '24 15:06
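
The managed identity route mentioned in the thread, as an added example that is not part of the thread or the project's own code: a managed identity is its own service principal in Entra ID, so it takes the place of the registered app and its secret, and the VM obtains tokens for it from the instance metadata service (IMDS). The sketch below is a pre-flight check for a scheduled task that fails before the run if the identity is missing Microsoft Graph application permissions. Assumptions: a system-assigned identity, a constructed `$requiredRoles` list (use the permissions the project's README asks for), a placeholder script path, and that the script uses the Az PowerShell sign-in context.

```powershell
# Added example; run on an Azure VM with a system-assigned managed identity.
# Constructed list: replace with the Graph permissions the project's README requires.
$requiredRoles = @('Application.Read.All', 'Group.Read.All')

function Get-ImdsToken {
    param([Parameter(Mandatory)][string]$Resource)
    # IMDS is reachable only from inside the VM; the Metadata header is mandatory.
    $uri = 'http://169.254.169.254/metadata/identity/oauth2/token' +
           '?api-version=2018-02-01&resource=' + [uri]::EscapeDataString($Resource)
    (Invoke-RestMethod -Uri $uri -Headers @{ Metadata = 'true' } -Method Get).access_token
}

function ConvertFrom-JwtPayload {
    param([Parameter(Mandatory)][string]$Token)
    $parts = $Token.Split('.')
    if ($parts.Count -ne 3) { throw 'Token is not a three-part JWT.' }
    # The payload is base64url without padding; convert it to standard base64.
    $b64 = $parts[1].Replace('-', '+').Replace('_', '/')
    switch ($b64.Length % 4) { 2 { $b64 += '==' } 3 { $b64 += '=' } }
    [Text.Encoding]::UTF8.GetString([Convert]::FromBase64String($b64)) | ConvertFrom-Json
}

# The token is issued to the VM's identity; nothing secret is stored on disk.
$token  = Get-ImdsToken -Resource 'https://graph.microsoft.com'
$claims = ConvertFrom-JwtPayload -Token $token

# Application permissions granted to the identity appear in the 'roles' claim.
$missing = $requiredRoles | Where-Object { $_ -notin @($claims.roles) }
if ($missing) {
    throw "Managed identity $($claims.oid) lacks Graph app roles: $($missing -join ', ')"
}

# Sign in Az PowerShell as the same identity, then start the script.
Connect-AzAccount -Identity | Out-Null
# & 'C:\path\to\AzADServicePrincipalInsights.ps1'   # placeholder path; parameters per the README
```

The Graph permissions are granted once by an administrator as app role assignments on the managed identity's service principal; only that VM can then request tokens for it, which removes the stored secret from Option 1.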