A RetroSearch Logo

Home - News ( United States | United Kingdom | Italy | Germany ) - Football scores

Search Query:

Showing content from https://github.com/devlead/ARI below:

GitHub - devlead/ARI: Azure Resource Inventory .NET Tool

Azure Resource Inventory .NET Tool - Inventories and documents Azure Tenant resources to a set of markdown files for specified tenant to a specified folder.

dotnet tool install -g ari

Use -h / --help to get the current list of available commands and options.

ari --help
ari command --help

The inventory command inventories tenants and outputs it's result as markdown files to specified output path.

ari inventory <tenantId> <outputpath> [options]
Running ARI Successfully for the First Time

By default it'll try authenticate using the DefaultAzureCredential which tries to authorize in the following order based on your environment.

  1. EnvironmentCredential
  2. WorkloadIdentityCredential
  3. ManagedIdentityCredential
  4. SharedTokenCacheCredential
  5. VisualStudioCredential
  6. VisualStudioCodeCredential
  7. AzureCliCredential
  8. AzurePowerShellCredential
  9. AzureDeveloperCliCredential
  10. InteractiveBrowserCredential
Setup Azure App Registration

The recommended way is using a service principal with only the access required for it to document, you can do this by creating an app registration.

  1. Begin by creating an App Registration in Azure Entra for the report generator. This ensures that the report generator has precisely the required access, such as organization-wide read permissions or access to a limited set of subscriptions.
  2. Assign the API permission https://graph.microsoft.com/Organization.Read.All to the created App Registration.
  3. In my tenant, Admin consent is required for this permission.
  4. Add a role that allows the App Registration to read an organization. You can do this under Subscription management in Azure and Access Control (IAM). Add Role Assignment, find the App Registration and give it Read access.
  5. Assign a secret to the App Registration and make a note of this secret.

With the Azure App Registration now configured, we are ready to proceed.

Configure ARI for Execution
  1. Create a dedicated folder for the generated report.
  2. Set the environment variable AZURE_TENANT_ID to the tenant ID (found in the App Registration overview for your app).
  3. Set the environment variable AZURE_CLIENT_ID to the client ID (found in the App Registration overview for your app).
  4. Set the environment variable AZURE_CLIENT_SECRET to the secret noted earlier.
  5. Set the environment variable AZURE_AUTHORITY_HOST to https://login.microsoftonline.com/.

Assuming all the environment variables are correctly set, follow these steps:

dotnet tool install --global ARI
ari <AZURE_TENANT_ID> <FOLDER_FOR_REPORT>

By following these steps, you should be able to run ARI successfully for the first time. If you encounter any issues, double-check the Azure App Registration setup and ensure that the environment variables are accurately configured.

RetroSearch is an open source project built by @garambo | Open a GitHub Issue

Search and Browse the WWW like it's 1997 | Search results from DuckDuckGo

HTML: 3.2 | Encoding: UTF-8 | Version: 0.7.4