Private/Connect-FromMachineToAzAccount.ps1
|
# Will be called in VM function Global:Connect-FromMachineToAzAccount { [CmdletBinding()] <# .SYNOPSIS This CmdLet assumes that the VM/VMSS-instance has an active managed identity .DESCRIPTION ... #> param() process { # Get Access Token from Microsoft Managed Identity Endpoint $response = Invoke-WebRequest -Uri 'http://169.254.169.254/metadata/identity/oauth2/token?api-version=2018-02-01&resource=https%3A%2F%2Fmanagement.azure.com%2F' -Headers @{Metadata = "true" } # Read response and assign variables $content = $response.Content | ConvertFrom-Json $AccessToken = $content.access_token $ClientId = $content.client_id # Connect Account Connect-AzAccount -AccessToken $AccessToken -AccountId $ClientId } } |