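<#
Scheduled Task metadata
  General
    GetAzureVMGuestIPsForPA
    run as ndgov\svcitdiaasauto
    run whether user is logged on or not
  Triggers
    Daily, 2pm - repeat every 1 hour indefinitely
  Actions
    "C:\Program Files\PowerShell\7\pwsh.exe" -noninteractive -file "F:\GetAzureVMGuestIPsForPA\GetAzureVMGuestIPsForPA.ps1"
  Settings
    allow task to be run on demand
    stop the task if it runs longer than 1 hour -eq $true
    if the running task does not end when requested, force it to stop

Purpose
  Collects the private IP addresses of Azure VMs, split by guest OS, and
  publishes them as newline-separated text files (AzureWin.txt / AzureLin.txt)
  under the IIS web root.

Review notes
  - NOTE(review): the lists sit in C:\inetpub\wwwroot, so anything that can
    reach this site can read the internal address inventory. Confirm the site
    is restricted to the devices that consume the lists.
  - NOTE(review): Connect-AzAccount -Credential is a username/password sign-in.
    A service principal with a certificate, or a managed identity, would avoid
    keeping a reusable password for this job - confirm whether that is an option.
#>

# Fail fast: a failed sign-in or enumeration must stop the run before the
# published lists are touched, otherwise a partial or empty list is served.
$ErrorActionPreference = 'Stop'

# The original assigned $VerbosePerfrence (typo), so verbose output was never enabled.
$VerbosePreference = 'Continue'

$TimeStamp = Get-Date -Format 'yyyyMMddHHmmss'
Start-Transcript -Path "F:\GetAzureVMGuestIPsForPA\Logs\GetAzureVMGuestIPsForPA-$TimeStamp.log"

#[Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls12

$OutputPath = 'C:\inetpub\wwwroot'
$OutFileWin = Join-Path -Path $OutputPath -ChildPath 'AzureWin.txt'
$OutFileLin = Join-Path -Path $OutputPath -ChildPath 'AzureLin.txt'

# Returns the non-empty private IP addresses of every NIC attached to the given VMs.
function Get-VmPrivateIp {
    param(
        # VM objects as returned by Get-AzVM; may be empty.
        [object[]] $VirtualMachines,
        # NIC objects keyed by resource Id (PowerShell hashtables are case-insensitive).
        [hashtable] $NicById
    )

    foreach ($vm in $VirtualMachines) {
        foreach ($nicId in $vm.NetworkProfile.NetworkInterfaces.Id) {
            $nic = $NicById[$nicId]
            if ($null -eq $nic) { continue }

            foreach ($address in $nic.IpConfigurations.PrivateIpAddress) {
                # Skip IP configurations without an address so no blank lines are published.
                if (-not [string]::IsNullOrWhiteSpace($address)) {
                    Write-Verbose -Message ("{0}: {1}" -f $vm.Name, $address)
                    $address
                }
            }
        }
    }
}

# Writes an address list to $Path by way of a temporary file and a rename.
function Publish-IpList {
    param(
        [string[]] $Addresses,
        [string] $Path
    )

    # An empty result is treated as a collection problem: keep the previously
    # published list instead of replacing it with an empty file.
    if (-not $Addresses -or $Addresses.Count -eq 0) {
        Write-Warning -Message "No addresses collected for $Path; keeping the existing file."
        return
    }

    # Same on-disk format as before: ASCII, one address per line, trailing newline.
    # Sorting and de-duplicating keeps the output stable between runs.
    $content = (($Addresses | Sort-Object -Unique) -join "`n") + "`n"

    # Write next to the target and rename, so a reader never sees a missing or
    # half-written list (the original deleted both files at the start of the run).
    $tempPath = "$Path.tmp"
    $content | Out-File -FilePath $tempPath -Encoding ASCII -NoNewline -Force
    Move-Item -LiteralPath $tempPath -Destination $Path -Force
}

try {
    $WindowsIPs = [System.Collections.Generic.List[string]]::new()
    $LinuxIPs = [System.Collections.Generic.List[string]]::new()

    # Prepare credentials.
    # Secrets come from PowerShell.SecretManagement; this replaced the earlier
    # approach of ConvertFrom-SecureString files kept under the service
    # account's profile.
    $svcitdazurescript = Get-Secret -Name svcitdazurescript
    $MacCred = New-Object System.Management.Automation.PSCredential("svcitdazurescript@nd.gov", $svcitdazurescript.Password)

    # Azure Commercial
    $AzAccount = Connect-AzAccount -Credential $MacCred -Environment AzureCloud -Verbose

    $Subscriptions = Get-AzSubscription | Where-Object {
        $_.Name -ne "sandbox" -and
        $_.Name -notlike "Visual Studio*" -and
        $_.Name -notlike "Azure subscription*" -and
        $_.Name -notlike "Access to Azure Active Directory*"
    }

    foreach ($subscription in $Subscriptions) {
        # Pass the Id explicitly rather than relying on object-to-string conversion.
        Set-AzContext -Subscription $subscription.Id

        # Query the VM list once per subscription and split it by guest OS.
        $allVMs = @(Get-AzVM)
        $WindowsVMs = @($allVMs | Where-Object { $_.StorageProfile.OsDisk.OsType -match "Windows" })

        # Linux-based network/security appliances are excluded by image publisher.
        $LinuxVMs = @($allVMs | Where-Object {
            $_.StorageProfile.OsDisk.OsType -match "Linux" -and
            $_.StorageProfile.ImageReference.Publisher -ne "infoblox" -and
            $_.StorageProfile.ImageReference.Publisher -ne "paloaltonetworks" -and
            $_.StorageProfile.ImageReference.Publisher -ne "juniper-networks"
        })

        # Index the attached NICs by Id so each lookup is constant-time.
        $nicById = @{}
        foreach ($nic in (Get-AzNetworkInterface | Where-Object { $null -ne $_.VirtualMachine })) {
            $nicById[$nic.Id] = $nic
        }

        foreach ($address in (Get-VmPrivateIp -VirtualMachines $WindowsVMs -NicById $nicById)) {
            $WindowsIPs.Add($address)
        }
        foreach ($address in (Get-VmPrivateIp -VirtualMachines $LinuxVMs -NicById $nicById)) {
            $LinuxIPs.Add($address)
        }
    }

    # Azure Gov
    # no VMs or PAs in AzureGov yet (2023/09/26). The Gov secret is no longer
    # loaded while this section is disabled, so an unused credential is not held
    # in memory. To enable: repeat the Commercial section with the lines below.
    # The disabled original called Get-AzureRMSubscription here and filtered only
    # on the "sandbox" name; use Get-AzSubscription to match the Az module.
    #
    # $MagCred = Get-Secret -Name svcitdazurescriptgov
    # $AzAccount = Connect-AzAccount -Credential $MagCred -Environment AzureUSGovernment -Verbose
    # $Subscriptions = Get-AzSubscription | Where-Object { $_.Name -ne "sandbox" }
    # foreach ($subscription in $Subscriptions) { ...same body as the Commercial loop... }

    # Earlier revisions guarded the write with a minimum length of 150
    # characters; the empty-list check in Publish-IpList covers the same failure
    # mode without rejecting a legitimately short list.
    Publish-IpList -Addresses $WindowsIPs.ToArray() -Path $OutFileWin
    Publish-IpList -Addresses $LinuxIPs.ToArray() -Path $OutFileLin
}
finally {
    # Close the transcript even when the run aborts, so the log file is complete.
    Stop-Transcript
}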