Posts

Showing posts with the label service principal

Hiding Azure Enterprise App from users using az cli or PowerShell

Toggling "Visible to users" setting on portal adds / removes tag called HideApp.

How to get list of Azure service tags and IP ranges using az cli

Microsoft provides weekly updated list of IP addresses used by various Azure features as downloadable JSON file on their webpage. Automating download of it is however not supported and prone to breakage. Same information is now also available via Azure Service Tag Discovery API. New API is still in public preview state and list of IPs it provides is far less than downloadble file contains. So either list of IPs from API is tailored for your particular subscription or it is incomplete. Discovery API requires authenticated session to Azure so we need to create service principal and custom RBAC role to keep things secure. See you for more after the break.