Creating An Azure Credential the Easy Way in Windows Using Powershell and get_azure_cred.ps1

Creating An Azure Credential the Easy Way in Windows Using Powershell and get_azure_cred.ps1

We have created some helpful scripts in our public Github repository.  One of those is a script called get_azure_cred.ps1, which runs in Windows and Powershell and will:
  • Log you into your Azure account
  • Create an application for you in your Active Directory
  • Create an associated service principal for you in your Active Directory (which can be used to login on your behalf)
  • Create a limited permission role
  • Map the service principal to the limited permission role
  • Output the parameters you will need to enter into ParkMyCloud.
  • You will need to have sufficient privileges within Azure to accomplish the above tasks.
  • You may also need to set the proper permissions to run powershell scripts: Set-ExecutionPolicy RemoteSigned

This script has been tested in Windows 10 and Powershell 3.0.

  • Create a directory to pull this repository to your Windows system (e.g., c:\users\<you>\git
  • Change to that directory:  cd ~/git
  • Clone the repository: (I suggest using Git-Desktop)
  • Set your branch to the latest version: (e.g., git branch v1.2)
  • Change to the appropriate directory: cd ~\git\useful_tools\powershell
  • Execute the script shown:  .\get_azure_cred.ps1
  • Follow the directions.

  • Example session shown below:

    cd ~\gituseful_tools\powershell 


    Logging into Azure: 

    Here are the subscriptions associated with your account:



    Enter the subscription you want to use:


    Need to create a ParkMyCloud application in your subscription.

    Here's the catch: It must be unique.

    What do you want to call it? (e.g., ParkMyCloud Azure Dev): PMC Azure Dev

    Enter password for your application: parkmycloud1

    Re-enter your password: parkmycloud1

    Created service principal for application.

    Created limited access role for app.

    Waiting on Service Principal to show up in AD

    Service Principal 0a12340-57qg-0f56-0234-0a1234b5cd67 found.

    Role has been mapped to service principal for application.

    Subscription ID: 00aaa000-00aa-0a00-0000-0a0000a0aa00

          Tenant ID: 0b00b0b0-0000-0000-00b0-bbb0b0b000bb

             App ID: 000kkk0-00kk-0000-k00k-00kk0000000k

     API Access Key: parkmycloud!

    Enter these on the Azure credential page in ParkMyCloud.

    There is a hidden directory created called ~\.PMCAzure which will store information about each step of the process:

        cd ~\.PMCAzure



            Directory: C:\Users\<you>\.PMCAzure

        Mode                LastWriteTime         Length Name                              

        ----                -------------         ------ ----                                

        -a----         1/5/2017   3:39 PM            374 PMCAzureAccountLog                  

        -a----         1/5/2017   3:40 PM            894 PMCAzureAppLog      

        -a----         1/5/2017   3:39 PM            572 PMCAzureLoginLog                   

        -a----         1/5/2017   3:40 PM           1018 PMCAzureRoleLog                     

        -a----         1/5/2017   3:40 PM           1078 PMCAzureRoleMapLog                  

        -a----         1/5/2017   3:40 PM            770 PMCAzureServicePrincipalLog         

        -a----         1/5/2017   3:40 PM           1962 PMCExampleAzureRole.json                                                   



    These scripts are maintained only a best effort basis. If you wish to make changes or fix bugs, please fork the repository, make changes there and, once you have completed your testing, open up a pull request within Github.