Here’s another simple PowerShell script using the Azure Az cmdlets that I hope you find useful.
This time it’s a quickie PowerShell script to list all subnets in all virtual networks in all subscriptions that have one or more Azure virtual network service endpoints assigned.
Most Azure users have multiple virtual networks and many subscriptions in their tenant. For a client whose Azure infrastructure is designed this way, I wanted to make sure those Vnets had the proper service endpoints assigned to each subnet. But I found it hard to see the big picture from the Azure portal. That’s because the Azure portal works with one subscription at a time for most resource definitions. That’s what led me to write this script, which is so simple it’s almost self-explanatory.
Here’s a sample screen shot of the output. In this example, I wanted to see all the virtual networks with the Azure Active Directory service endpoint enabled. It’s a snap to do in Excel with filtering turned on. It also helps that I’ve created all this client’s subscriptions, virtual networks and subnets via ARM templates with a strict naming convention. (Remind me one day to post the ARM template that creates these Vnets with the subnet names that include the CIDR.)
And here’s the script. You should be a global admin with User Access Administrator on the target subscriptions or at least owner on all the subscriptions in the tenant. Also, you should have set a context to a subscription in that tenant (any subscription will do) before you run the script. I hope you find this helpful.
```powershell
<#
.SYNOPSIS
    Lists all Azure service endpoints assigned to all subnets in all Vnets in an Azure tenant
.DESCRIPTION
    This script retrieves all enabled subscriptions in an Azure tenant, then for each one that has
    service endpoints assigned to a virtual network, it creates an object with the name(s) of those
    service endpoints, the name of the Vnet and the name of the subscription.
    These objects are stored in an array and written to the desktop in .csv format.
.INPUTS
    None
.OUTPUTS
    A comma-separated values file is created in $HOME/desktop
.EXAMPLE
    .\ShowAllServiceEndpointsInVnetsInAllEnabledSubscriptions.ps1
.NOTES
    Author: Alex Neihaus
    Creation Date: 2020-01-06
    Copyright (c) 2020 Air11 Technology LLC
.LINK
    https://yobyot.com
.COMPONENT
    Az 3.1.0 or later is required. User must have RBAC Contributor or greater on all subscriptions in the tenant.
.LICENSE
    Permission is hereby granted, free of charge, to any person obtaining a copy of this software and
    associated documentation files (the Software), to deal in the Software without restriction,
    including without limitation the rights to use, copy, modify, merge, publish, distribute,
    sublicense, and/or sell copies of the Software, and to permit persons to whom the Software is
    furnished to do so, subject to the following conditions:
    The above copyright notice and this permission notice shall be included in all copies or
    substantial portions of the Software.
    THE SOFTWARE IS PROVIDED AS IS, WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT
    NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
    NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM,
    DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
    OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
#>

$csvout = @() # Create an array to hold the .csv output
$activesubs = Get-AzSubscription | Where-Object -Property State -eq "Enabled" # Make sure to select only active subscriptions
foreach ($sub in $activesubs) {
    # Switch the Az context to this subscription so Get-AzVirtualNetwork queries it
    Select-AzSubscription -SubscriptionId $sub.Id | Out-Null
    "Retrieving subscription: $($sub.Name)"
    $vnets = Get-AzVirtualNetwork
    foreach ($vnet in $vnets) {
        "Retrieving Vnet: $($vnet.Name)"
        foreach ($subnet in $vnet.Subnets) {
            # One output row per service endpoint; a subnet with no endpoints produces no rows
            foreach ($endpoint in $subnet.ServiceEndpoints.Service) {
                "Retrieving subnet: $($subnet.name): $($endpoint)"
                $obj = New-Object -TypeName PSObject -Property (
                    [ordered]@{
                        "SubscriptionName"        = "$($sub.Name)"
                        "VirtualNetworkName"      = "$($vnet.Name)"
                        "SubnetName"              = "$($subnet.name)"
                        "ServiceEndpointAssigned" = "$($endpoint)"
                    }
                )
                $csvout += $obj
            }
        }
    }
}
$csvout | Export-Csv -Path "$HOME/Desktop/ServiceEndpoints.csv" -NoTypeInformation
"Output written to .csv on desktop"
```
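The script writes a row only for endpoints that exist, so a subnet with no service endpoints never appears in the CSV. The following is an added example, not part of the original script, that reports the subnets lacking a required endpoint. The function name `Find-SubnetMissingEndpoint`, the sample subscription, Vnet and subnet names, and the choice of required service are assumptions; the sample objects are constructed to mimic the `Name`, `Subnets` and `ServiceEndpoints.Service` properties the script reads.

```powershell
# Added example: hypothetical helper, not from the original script.
function Find-SubnetMissingEndpoint {
    [CmdletBinding()]
    param(
        [Parameter(Mandatory)] [string] $SubscriptionName,
        [Parameter(Mandatory)] [AllowEmptyCollection()] [object[]] $VirtualNetwork,
        [Parameter(Mandatory)] [string[]] $RequiredService
    )
    foreach ($vnet in $VirtualNetwork) {
        foreach ($subnet in $vnet.Subnets) {
            # Same property path the script reads; drop $null so "no endpoints" is an empty array
            $assigned = @($subnet.ServiceEndpoints.Service | Where-Object { $_ })
            # -notin is case-insensitive, so 'microsoft.storage' still matches 'Microsoft.Storage'
            $missing = @($RequiredService | Where-Object { $_ -notin $assigned })
            if ($missing.Count -gt 0) {
                [pscustomobject]@{
                    SubscriptionName       = $SubscriptionName
                    VirtualNetworkName     = $vnet.Name
                    SubnetName             = $subnet.Name
                    ServiceEndpointMissing = $missing -join ';'
                    ServiceEndpointsFound  = $assigned -join ';'
                }
            }
        }
    }
}

# Constructed sample data shaped like Get-AzVirtualNetwork output (all names are made up)
$sampleVnets = @(
    [pscustomobject]@{
        Name    = 'vnet-example-01'
        Subnets = @(
            [pscustomobject]@{ Name = 'snet-app'; ServiceEndpoints = @(
                    [pscustomobject]@{ Service = 'Microsoft.AzureActiveDirectory' },
                    [pscustomobject]@{ Service = 'Microsoft.Storage' }) },
            [pscustomobject]@{ Name = 'snet-data'; ServiceEndpoints = @(
                    [pscustomobject]@{ Service = 'Microsoft.Storage' }) },
            [pscustomobject]@{ Name = 'snet-mgmt'; ServiceEndpoints = @() }
        )
    }
)

# Against a live tenant, call this inside the per-subscription loop with
# -SubscriptionName $sub.Name -VirtualNetwork @(Get-AzVirtualNetwork)
Find-SubnetMissingEndpoint -SubscriptionName 'sub-example' -VirtualNetwork $sampleVnets `
    -RequiredService 'Microsoft.AzureActiveDirectory' | Format-Table -AutoSize
```

Piping the result to `Export-Csv` instead of `Format-Table` gives a second file that can sit beside `ServiceEndpoints.csv` for the same Excel filtering.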