diff --git a/Azure/Azure-App-Expiration.ps1 b/Azure/Azure-App-Expiration.ps1 index ffbf7c0..bcc99ec 100644 --- a/Azure/Azure-App-Expiration.ps1 +++ b/Azure/Azure-App-Expiration.ps1 @@ -26,7 +26,7 @@ #region Global script settings and variables #General - $Version = "v1.0" + $Version = "v1.1" $logfilelocation = "$($MyInvocation.MyCommand.Path | Split-Path -Parent)\Logs" $logfilename = "$(Get-Date -Format yyyyMMddHHmmss)-Azure-App-Expiration-Report.log" $summaryfilename = "$(Get-Date -Format yyyyMMddHHmmss)-Azure-App-Expiration-Summary.txt" @@ -123,10 +123,10 @@ #endregion #region execute script - #Collect all app information - $AzureADApps = Get-MgApplication | Sort-Object DisplayName - $AppCertificateDetails = @() #Initiate the array to store the collected information + #Collect all app Registration information + $AzureADApps = Get-MgApplication -all | Sort-Object DisplayName $AppClientSecretsDetails = @() #Initiate the array to store the collected information + $AppCertificateDetails = @() #Initiate the array to store the collected information foreach ($App in $AzureADApps) { #Script should be extended to also include Certificates, preparations are already made. @@ -151,6 +151,27 @@ } } } + #Collect Client Secret details if available + if ($null -ne $App.KeyCredentials) { + foreach ($KeyCredential in $App.KeyCredentials) { + #Calculate remaining days + $RemainingDays = New-TimeSpan -Start $(Get-Date) -End $KeyCredential.EndDateTime + $DaysRemaining = $RemainingDays.Days + switch ($DaysRemaining) { + {$_ -le '0'} {$CalculatedStatus = "ERROR"} + {$_ -le $WarningDays} {$CalculatedStatus = "WARNING"} + Default {$CalculatedStatus = "OK"} + } + + $AppCertificateDetails += [PSCustomObject]@{ + AppDisplayName = $App.DisplayName + CertificateName = $KeyCredential.Displayname + Enddate = $KeyCredential.EndDateTime + DaysRemaining = $DaysRemaining + Status = $CalculatedStatus + } + } + } } #endregion @@ -183,7 +204,7 @@ $htmlReport = @" Script version: $Version

"@ if ("" -ne $AppClientSecretsDetails) { $htmlReport += @" -

Application Secrets Overview

+

App Registration Secrets Overview

@@ -195,7 +216,6 @@ $htmlReport = @" "@ foreach ($AppClientSecretsDetail in $AppClientSecretsDetails) { $htmlReport += @" - @@ -207,6 +227,34 @@ $htmlReport = @" default {""} } ) +"@ + } + $htmlReport += "
App DisplayName
$($AppClientSecretsDetail.AppDisplayName) $($AppClientSecretsDetail.SecretName)$($AppClientSecretsDetail.Status)
" + } + if ("" -ne $AppCertificateDetails) { $htmlReport += @" +

App Registration Certificates Overview

+ + + + + + + + +"@ + foreach ($AppCertificateDetail in $AppCertificateDetails) { + $htmlReport += @" + + + + + + $(switch ($AppCertificateDetail.Status) { + 'ERROR' {""} + 'WARNING' {""} + default {""} + } ) + "@ } $htmlReport += "
App DisplayNameCertificate NameEnddateDays RemainingStatus
$($AppCertificateDetail.AppDisplayName)$($AppCertificateDetail.CertificateName)$($AppCertificateDetail.Enddate)$($AppCertificateDetail.DaysRemaining)$($AppCertificateDetail.Status)$($AppCertificateDetail.Status)$($AppCertificateDetail.Status)
" @@ -250,5 +298,16 @@ $htmlReport = @" Write-Summary "Status: $($AppClientSecretsDetail.Status)" } } + if ("" -ne $AppCertificateDetails) { + Write-Summary "App Client Secrets" + foreach ($AppCertificateDetail in $AppCertificateDetails) { + Write-Summary "******************" + Write-Summary "App DisplayName: $($AppCertificateDetail.AppDisplayName)" + Write-Summary "Certificate Name: $($AppCertificateDetail.CertificateName)" + Write-Summary "Enddate: $($AppCertificateDetail.Enddate)" + Write-Summary "Days Remaining: $($AppCertificateDetail.DaysRemaining)" + Write-Summary "Status: $($AppCertificateDetail.Status)" + } + } Write-Summary "---------------------------" #endregion \ No newline at end of file