2 min read Azure Arc

Az.ManagedServiceIdentity PowerShell Module

Az.ManagedServiceIdentity PowerShell Module
Az.ManagedServiceIdentity PowerShell Module

When you onboard a node to Azure Arc, you will also receive a system-assigned managed identity for that server. This managed identity provides a unique security identity for your server, and enables you to delegate different permissions for Azure resources such as Azure Key Vault. With this managed identity, you can create and manage Azure resource access policies and access controls, and can use it to securely authenticate and authorize your server to access Azure services and resources. This opens up many more possibilities and use cases for Azure Arc, and allows you to better secure and manage your hybrid and multi-cloud environments.

I recommend reading Authenticate against Azure resources with Azure Arc-enabled servers article.

You can install the Az.ManagedServiceIdentity PowerShell module directly from the PowerShell Gallery.

Install-Module -Name Az.ManagedServiceIdentity -Force -Verbose

Run the following command to print out all the command lets in Az.ManagedServiceIdentity PowerShell module

  • Get-Command -Module Az.ManagedServiceIdentity
Get-AzFederatedIdentityCredentials
Get-AzSystemAssignedIdentity
Get-AzUserAssignedIdentity
Get-AzUserAssignedIdentityAssociatedResource
New-AzFederatedIdentityCredentials
New-AzUserAssignedIdentity
Remove-AzFederatedIdentityCredentials
Remove-AzUserAssignedIdentity
Update-AzFederatedIdentityCredentials
Update-AzUserAssignedIdentity

Get-AzSystemAssignedIdentity example

Gets the systemAssignedIdentity available under the specified RP scope.

Get-AzSystemAssignedIdentity -Scope "/subscriptions/XXXXXX/resourceGroups/RG-PROD-IT-ARC/providers/Microsoft.HybridCompute/machines/ADFS01"

Get-AzSystemAssignedIdentity lists the following information

  • ClientID
  • ClientSecretUrl
  • Id
  • Location
  • Name
  • PrincipalId
  • ResourceGroupName
  • Tag
  • TenantID
  • Type
Get-AzSystemAssignedIdentity output

I also made one Excel spreadsheet that lists all the commands. You can download this from my GitHub repository.

AzureArc/Az.ManagedServiceIdentity v1.1.0 cmdlets.xlsx at main · Kaidja/AzureArc
Azure ARC related scripts and tools. Contribute to Kaidja/AzureArc development by creating an account on GitHub.
GitHubKaidja

Summary

Learn the Az.ManagedServiceIdentity PowerShell module commands and pump up your Azure Arc toolbox.

Let me know if you need help with Azure Arc implementation.

Published by:

Kaido Järvemets

You might also like...

Mar
26

Retrieve Azure AD Sign-In Logs with Microsoft.Graph PowerShell Module

2 min read
Feb
28

List Eligible Azure Active Directory PIM Assignments

3 min read
Feb
10

Simplifying Cyber Defense: How to Configure Attack Surface Reduction Rules with PowerShell

4 min read
Feb
10

Maximizing Efficiency with Configuration Manager Automation: Creating Device Collections Based on Device Model

2 min read
Feb
10

Configuration Manager Automation: A Guide to Exporting and Importing Queries using PowerShell

1 min read

Member discussion