Creating An Azure Credential the Easy Way in Windows Using Powershell and get_azure_cred.ps1

Creating An Azure Credential the Easy Way in Windows Using Powershell and get_azure_cred.ps1


We have created some helpful scripts in our public Github repository.  One of those is a script called get_azure_cred.ps1, which runs in Windows and Powershell and will:
  • Log you into your Azure account
  • Create an application for you in your Active Directory
  • Create an associated service principal for you in your Active Directory (which can be used to login on your behalf)
  • Create a limited permission role
  • Map the service principal to the limited permission role
  • Output the parameters you will need to enter into ParkMyCloud.
NOTE: 
  • You will need to have sufficient privileges within Azure to accomplish the above tasks.
  • You may also need to set the proper permissions to run powershell scripts: Set-ExecutionPolicy RemoteSigned

This script has been tested in Windows 10 and Powershell 3.0.

Steps:
  • Create a directory to pull this repository to your Windows system (e.g., c:\users\<you>\git
  • Change to that directory:  cd ~/git
  • Clone the repository: https://github.com/parkmycloud/useful_tools.git (I suggest using Git-Desktop)
  • Set your branch to the latest version: (e.g., git branch v1.2)
  • Change to the appropriate directory: cd ~\git\useful_tools\powershell
  • Execute the script shown:  .\get_azure_cred.ps1
  • Follow the directions.

    • Example session shown below:

    cd ~\gituseful_tools\powershell 


    ./get_azure_cred.ps1


    Logging into Azure: 









    Here are the subscriptions associated with your account:


    My-Subscription-1

    My-Subscription-2


    Enter the subscription you want to use:

    My-Subscription-1



    Need to create a ParkMyCloud application in your subscription.

    Here's the catch: It must be unique.


    What do you want to call it? (e.g., ParkMyCloud Azure Dev): PMC Azure Dev

    Enter password for your application: parkmycloud1

    Re-enter your password: parkmycloud1


    Created service principal for application.


    Created limited access role for app.


    Waiting on Service Principal to show up in AD


    Service Principal 0a12340-57qg-0f56-0234-0a1234b5cd67 found.


    Role has been mapped to service principal for application.


    Subscription ID: 00aaa000-00aa-0a00-0000-0a0000a0aa00

          Tenant ID: 0b00b0b0-0000-0000-00b0-bbb0b0b000bb

             App ID: 000kkk0-00kk-0000-k00k-00kk0000000k

     API Access Key: parkmycloud!


    Enter these on the Azure credential page in ParkMyCloud.



    There is a hidden directory created called ~\.PMCAzure which will store information about each step of the process:


        cd ~\.PMCAzure

        ls 

        

            Directory: C:\Users\<you>\.PMCAzure



        Mode                LastWriteTime         Length Name                              

        ----                -------------         ------ ----                                

        -a----         1/5/2017   3:39 PM            374 PMCAzureAccountLog                  

        -a----         1/5/2017   3:40 PM            894 PMCAzureAppLog      

        -a----         1/5/2017   3:39 PM            572 PMCAzureLoginLog                   

        -a----         1/5/2017   3:40 PM           1018 PMCAzureRoleLog                     

        -a----         1/5/2017   3:40 PM           1078 PMCAzureRoleMapLog                  

        -a----         1/5/2017   3:40 PM            770 PMCAzureServicePrincipalLog         

        -a----         1/5/2017   3:40 PM           1962 PMCExampleAzureRole.json                                                   

     


    Updates

    These scripts are maintained only a best effort basis. If you wish to make changes or fix bugs, please fork the repository, make changes there and, once you have completed your testing, open up a pull request within Github.