Recommended way to automate App Registration process via PowerShell?
Hi,
I am developing a PowerShell script that needs to automate the App Registration process in Azure, creating an Application that should be able to read EntraID Audit logs and interact with Azure services (with Reader role) via its service principal.
The application will be used to launch https://github.com/microsoft/ARI script on Azure Tenants and also to query LogAnalytics/Storage Accounts/Event Hubs to download relevant data logs.
I found the following sources:
- https://blog.icewolf.ch/archive/2022/12/02/create-azure-ad-app-registration-with-microsoft-graph-powershell/ which uses the GraphAPI
- https://learn.microsoft.com/en-us/azure/healthcare-apis/register-application-cli-rest which seems to be outdated given the comment here https://github.com/MicrosoftDocs/azure-docs/issues/98700
Is there a proper way to achieve this using up-to-date modules/commands? My requirements are the following:
- Minimal user input, ideally just providing admin credentials once at startup
- App Registration creation and secret assignment
- Assign application permissions (NOT delegated) to read EntraID Activity logs and Reader role for the Azure tenant
- Grant admin consent via the same PowerShell script if needed for EntraID Activity logs scope
Thanks, and if I am somehow missing crucial understanding or approaching the issue from a wrong point of view, any advice is appreciated!