Enumeration using HTTP requests
Using HTTP requests
## Getting token for authorization
$Token = (Get-AzAccessToken).Token
## API endpoint for getting the resource group
$URI = 'https://management.azure.com/subscriptions/{subscriptionId}/resourcegroups?api-version=2021-04-01'
## Actual API request
(Invoke-RestMethod -Method GET -Uri $URI -Headers @{'Authorization' = "Bearer $Token"}).valuepotential HTTP calls
If no SignInName only ObjectIDs do this through HTTP calls.
$token = 'eyJ0eX..'
$URI = 'https://management.azure.com/subscriptions?api-version=2020-01-01'
$RequestParams = @{
Method = 'GET'
Uri = $URI
Headers = @{
'Authorization' = "Bearer $token"
}
}
(Invoke-RestMethod @RequestParams).value- List subscriptions: ‘https://management.azure.com/subscriptions?api-version=2020-01-01’
- List resource for subscription: ‘https://management.azure.com/subscriptions/b413826f-108d-4049-8c11-d52d5d388768/resources?api-version=2020-10-01’
- Permissions for resource: ‘https://management.azure.com/subscriptions/b413826f-108d-4049-8c11-d52d5d388768/resourceGroups/Engineering/providers/Microsoft.Compute/virtualMachines/bkpadconnect/providers/Microsoft.Authorization/permissions?api-version=2015-07-01’
- Group Memberships of an User: https://graph.microsoft.com/v1.0/users/[email protected]/memberOf
- List Applications: https://graph.microsoft.com/v1.0/applications