Broadly spreaded over the last two and a half years, I developed some PowerShell Script for managing bulk actions for Conditional Access Policies. I have often used these scripts for import or export as well as backup scenarios.
Now, I have combined these PowerShell scripts as CAxPorter utility which I have published on Github in an early version (0.1.0). You can find this tool in my GitHub Repository: PatrickSeltmann/CAxPorter-Utility: PowerShell Scripts to maintain Conditional Access Policies
CAxPorter utility offers a graphical user and command line interface. You can use this tool for:
- import selected ca policies
- export / backup selected ca policies
- rename existing ca policy based on search pattern
- delete selected ca policies
- create a markdown documentation of ca policies with OpenAI API
Note: During the export I modified the JSON structure, so that all policy information is stored into a single file (except terms of use). It is not possible to import these json files natively. You have to use the import logic of CAxPorter utility to import these JSON files.
Are the defined group, authentication strengths and authentication context configurations from the policy JSON files do not exist in your tenant, the Import CA policies task is creates the specified configuration.
You are welcome to use these scripts and give some feedback. 🙂
Start CAxPorter utility
Requirements:
- Microsoft.Graph PowerShell SDK
- PowerShell V7
Before you can execute the tool, you have to clone the repository:
git clone https://github.com/PatrickSeltmann/CAxPorter-Utility.git
cd CAxPorter-UtilityAfter that, you can run the utility from a PowerShell V7 prompt to access the main menu.
.\main.ps1
Import CA Policies
If you have selected Import CA policies, a new interface opens.
Select a input directory and all JSON files will be show automatically. Now you can select some or all policies for import. If you want to add a prefix for the displayname of the policies, you can enter a string in the “Policy Prefix” text box.
Export CA Policies
If you want to export your ca policies or create a backup of selected or all policies, you have to start Export CA policies.
You have to define an output directoy to save the policies in JSON.
If you own an OpenAI API key, you can activate the Generate Markdown documentation via OpenAI checkbox, if you also want to create human-readable documentations for the selected policies. This step can also be started separately later via the menu item Document CA policies via OpenAI. OpenAI API key must be purchased – more information on https://platform.openai.com/
Be carfeully becau condtional access policies content sensitive informations.
Examples
You can find more examples in my Git Repository: https://github.com/PatrickSeltmann/CAxPorter-Utility/tree/9a19cac7cbf584f7705051a3a804a6793c60e768/examples
Rename CA Policies
If you have selected Rename CA policies, a new interface opens. You can define a search and a replacement pattern and decide, if the task should search all policies or only selected one.
After renaming, all renamed policies are highlighted.
Note: You can click Reload all policies to make sure the view is up to date
Delete CA Policies
You can now select the entries to be deleted.
Document CA policies via OpenAI
Similar to the export dialog, you can select some or all policies to create a markdown documentation with OpenAI API.
