SOLVED

Automate AzureAD Configuration and Deployment

%3CLINGO-SUB%20id%3D%22lingo-sub-1290133%22%20slang%3D%22en-US%22%3EAutomate%20AzureAD%20Configuration%20and%20Deployment%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-1290133%22%20slang%3D%22en-US%22%3E%3CP%3EHey%20all%2C%20new%20to%20Azure%2FAzureAD%20and%20coming%20from%20AWS.%20In%20AWS%20we%20automated%20everything%20after%20account%20set%20from%20configuration%20of%20IAM%20to%20network%20security.%20Starting%20with%20AzureAD%20I%20find%3A%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CUL%3E%3CLI%3EMuddled%20view%20of%20CLI%20tools%3CUL%3E%3CLI%3EAzure%20CLI%3C%2FLI%3E%3CLI%3EPowershell%20and%20Powershell%20Previews%3C%2FLI%3E%3CLI%3EMSOnline%3C%2FLI%3E%3C%2FUL%3E%3C%2FLI%3E%3CLI%3EMS%20Graph%20API%20not%20so%20well%20documented%20and%20lots%20of%20stuff%20in%20Beta%3C%2FLI%3E%3C%2FUL%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EI%20also%20find%20I%20have%20to%20manually%20configure%20a%20lot%20of%20the%20elements%20in%20AzureAD%20directly%20in%20the%20UI.%20Since%20we%20don't%20seem%20to%20have%20any%20config%20backup%20options%20in%20AzureAD%20this%20is%20worrying%20me!%20What%20happens%20if%20a%20rouge%20script%2Fadmin%20blows%20away%20some%20config!%20%3A)%3C%2Fimg%3E%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-LABS%20id%3D%22lingo-labs-1290133%22%20slang%3D%22en-US%22%3E%3CLINGO-LABEL%3EAzure%20AD%3C%2FLINGO-LABEL%3E%3C%2FLINGO-LABS%3E%3CLINGO-SUB%20id%3D%22lingo-sub-1294759%22%20slang%3D%22en-US%22%3ERe%3A%20Automate%20AzureAD%20Configuration%20and%20Deployment%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-1294759%22%20slang%3D%22en-US%22%3EBackup%20is%20indeed%20something%20that%20is%20currently%20not%20implemented%20into%20AAD%20and%20I%20understand%20your%20concern.%3CBR%20%2F%3EOther%20enterprise%20create%20their%20own%20scheduled%20tasks%20to%20backup%20through%20Graph%20API%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-1295498%22%20slang%3D%22en-US%22%3ERe%3A%20Automate%20AzureAD%20Configuration%20and%20Deployment%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-1295498%22%20slang%3D%22en-US%22%3E%3CP%3E%3CA%20href%3D%22https%3A%2F%2Ftechcommunity.microsoft.com%2Ft5%2Fuser%2Fviewprofilepage%2Fuser-id%2F186539%22%20target%3D%22_blank%22%3E%40Thijs%20Lecomte%3C%2FA%3E%26nbsp%3Bthanks%20for%20this%20but%20looking%20through%20Graph%20some%20config%20items%20don't%20seem%20to%20be%20documented.%20Is%20there%20a%20central%20reference%20for%20all%20AzureAD%20items%20in%20Graph%3F%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-1296008%22%20slang%3D%22en-US%22%3ERe%3A%20Automate%20AzureAD%20Configuration%20and%20Deployment%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-1296008%22%20slang%3D%22en-US%22%3EI%20mostly%20use%20the%20official%20Graph%20docs.%3CBR%20%2F%3EThey%20are%20a%20bit%20to%20navigate%20at%20first%20but%20they%20get%20used%20to%20it.%3CBR%20%2F%3EYou%20would%20want%20the%20Identity%20bit%20-%20%3CA%20href%3D%22https%3A%2F%2Fdocs.microsoft.com%2Fen-us%2Fgraph%2Fapi%2Fresources%2Fazure-ad-overview%3Fview%3Dgraph-rest-1.0%22%20target%3D%22_blank%22%20rel%3D%22noopener%20noreferrer%20noopener%20noreferrer%22%3Ehttps%3A%2F%2Fdocs.microsoft.com%2Fen-us%2Fgraph%2Fapi%2Fresources%2Fazure-ad-overview%3Fview%3Dgraph-rest-1.0%3C%2FA%3E%3C%2FLINGO-BODY%3E
Highlighted
Contributor

Hey all, new to Azure/AzureAD and coming from AWS. In AWS we automated everything after account set from configuration of IAM to network security. Starting with AzureAD I find:

 

  • Muddled view of CLI tools
    • Azure CLI
    • Powershell and Powershell Previews
    • MSOnline
  • MS Graph API not so well documented and lots of stuff in Beta

 

I also find I have to manually configure a lot of the elements in AzureAD directly in the UI. Since we don't seem to have any config backup options in AzureAD this is worrying me! What happens if a rouge script/admin blows away some config! :)

3 Replies
Highlighted
Backup is indeed something that is currently not implemented into AAD and I understand your concern.
Other enterprise create their own scheduled tasks to backup through Graph API
Highlighted

@Thijs Lecomte thanks for this but looking through Graph some config items don't seem to be documented. Is there a central reference for all AzureAD items in Graph?

Highlighted
Best Response confirmed by shocko (Contributor)
Solution
I mostly use the official Graph docs.
They are a bit to navigate at first but they get used to it.
You would want the Identity bit - https://docs.microsoft.com/en-us/graph/api/resources/azure-ad-overview?view=graph-rest-1.0