Managed Identities to be filtered from app certificate/keys expiry list

Milo James 46 Reputation points
2021-06-02T11:59:08.597+00:00

Hi Team,

We have a similar script being used to get the details of all app certificates and their key expiry before their actual end dates, so that we can have them renewed. I noticed that it also gathers Managed Identities. As managed identity certs/keys are auto-renewed, we would like to exclude them.

Request you to let us know when we filter out using ($_.Type -ne <What should be managed identity type>) here.

I hope to have the right team look into it and share the details. I was not getting it for Managed Identity in Azure.

Microsoft Entra ID

1 answer

  1. Saurabh Sharma 23,801 Reputation points Microsoft Employee
    2021-06-03T17:09:01.247+00:00

    Hi @Milo James
    Ok got it. You could use the below cmdlet to filter out Managed Identities as managed identities contain 'https://identity.azure.net' as part of Service Principal Names.

    # Keep only service principals where no name matches the managed identity URL
    $AzApps = Get-AzADServicePrincipal | Where-Object -FilterScript { -not ($_.ServicePrincipalNames -match "https://identity\.azure\.net") }

    Please let me know if this helps to achieve your goal.

    Thanks
    Saurabh

    ----------

    Please do not forget to "Accept the answer" wherever the information provided helps you to help others in the community.
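
Added example, not part of the original answer or of any Microsoft script: it applies the name-based filter to constructed objects shaped like `Get-AzADServicePrincipal` output, compares `-notmatch` with a negated `-match` on the multi-valued property, and lists credentials expiring within 30 days. `ServicePrincipalNames` is the property from the answer; `New-SampleSp`, `DisplayName`, `Credentials`, `Type`, `EndDate`, all sample values, and the premise that each principal also carries a GUID name are assumptions made for illustration.

```powershell
# Constructed sample data; only ServicePrincipalNames is a property name taken from the answer.
$now = Get-Date

function New-SampleSp($Name, $Spns, $DaysLeft) {   # hypothetical helper
    [pscustomobject]@{
        DisplayName           = $Name
        ServicePrincipalNames = $Spns
        Credentials           = @([pscustomobject]@{
                Type    = 'AsymmetricX509Cert'     # constructed value
                EndDate = $now.AddDays($DaysLeft)
            })
    }
}

$sps = @(
    New-SampleSp 'contoso-web-app'    @('11111111-1111-1111-1111-111111111111', 'api://contoso-web-app') 12
    New-SampleSp 'vm-backup-identity' @('22222222-2222-2222-2222-222222222222', 'https://identity.azure.net/CONSTRUCTED=') 20
    New-SampleSp 'contoso-batch-job'  @('33333333-3333-3333-3333-333333333333') 200
)

$miPattern = '^https://identity\.azure\.net/'

# With a collection on the left, -notmatch returns the elements that do NOT match.
# The GUID name is returned, the result is a non-empty array (truthy), and the
# managed identity stays in the list.
$leaky = $sps | Where-Object { $_.ServicePrincipalNames -notmatch $miPattern }

# -match returns the matching elements; negating it asks "does no name match?",
# which is the test that drops the managed identity.
$filtered = $sps | Where-Object { -not ($_.ServicePrincipalNames -match $miPattern) }

# Expiry report over the filtered principals only.
$cutoff = $now.AddDays(30)
$report = foreach ($sp in $filtered) {
    foreach ($cred in @($sp.Credentials | Where-Object { $_.EndDate -le $cutoff })) {
        [pscustomobject]@{
            DisplayName = $sp.DisplayName
            Type        = $cred.Type
            EndDate     = $cred.EndDate
            DaysLeft    = [math]::Floor(($cred.EndDate - $now).TotalDays)
        }
    }
}

'-notmatch on the collection keeps: {0}' -f ($leaky.DisplayName -join ', ')
'negated -match keeps:              {0}' -f ($filtered.DisplayName -join ', ')
$report | Format-Table -AutoSize
```

Before relying on either filter in a renewal report, compare the filtered count against the number of managed identities known to exist in the tenant.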

