first commit

2024-07-12 12:58:40 +02:00
commit 30fdad3be5
557 changed files with 11142 additions and 0 deletions
--- a/roles/azure_get-expiring-tokens-az/tasks/main.yml
+++ b/roles/azure_get-expiring-tokens-az/tasks/main.yml
@@ -0,0 +1,48 @@
+---
+# tasks file for linux_get-expiring-tokens-az
+  # - name: Get list of expiring app registration secret keys
+  #   uri:
+  #     url: https://graph.microsoft.com/v1.0/applications
+  #     headers:
+  #       Authorization: "Bearer {{ access_token }}"
+  #       Content-Type: "application/json"
+  #     return_content: yes
+  #   register: app_registrations
+
+
+# - name: Get all Azure app registrations
+#   azure.azcollection.azure_rm_adserviceprincipal_info:
+#     tenant: 03a0b8f2-7896-4d4d-bd81-9d6314ae3e15
+#   register: service_principals
+
+# - name: Get expiring secrets
+#   set_fact:
+#     expiring_secrets: "{{ service_principals | json_query(query) }}"
+#   vars:
+#     query: "[?has(passwordCredentials[?endDate<=`{{ date_to_check }}`])].{displayName: displayName, objectId: objectId, expiring_secrets: passwordCredentials[?endDate<=`{{ date_to_check }}`].{startDate: startDate, endDate: endDate}}"
+  
+# - name: Print expiring secrets
+#   debug:
+#     var: expiring_secrets
+#   when: expiring_secrets | length > 0
+
+
+
+  - name: get az app regs
+    azure.azcollection.azure_rm_adserviceprincipal_info:
+     tenant: "{{AZURE_TENANT}}"
+    register: service_principals
+
+
+  - name: try to print all sp's
+    debug:
+      var: service_principals
+
+  - name: get ad password info
+    azure.azcollection.azure_rm_adpassword_info:
+      app_id: 140ddce1-f5e1-45a3-84e0-38e8ec16e72b
+      tenant: "{{AZURE_TENANT}}"
+      #key_id: c13469d5-46bd-4faa-b9dc-b18cbacd144e
+      app_object_id: b1d67282-fc59-4a7d-8aab-178a6e3a8e2f
+
+