Automating Microsoft Entra Conditional Access Policies: My Adventure with the Microsoft Graph PowerShell SDK
Hello, tech friends!
Recently, I jumped into a fun project about Microsoft Entra Conditional Access Policies. A colleague mentioned Microsoft’s Conditional Access Framework for Zero Trust, and I thought, “Why not give it a try?” I immersed myself in the 91-page documentation and tested the framework intensively in my lab environment. What started as a quick look turned into a 6-week journey full of learning and, let’s be honest, a few mistakes along the way.
For those of you in a hurry or eager to dive right into the code, feel free to jump directly to my GitHub Repo. Everything you need is right there. Happy exploring!
The Big Idea
The goal seemed easy at first: Set up this Conditional Access Framework in my playground (aka test environment) and then deploy it in the customer environment. And the main tool for all this? The Microsoft Graph PowerShell SDK.
Learning and Discovering
This project was a real learning trip for me. I got to know a lot about the Microsoft Graph PowerShell SDK. And guess what? I had a secret helper the Code Interpreter Feature of ChatGPT Plus. Everyone is talking about ChatGPT, but you must try the Code Interpreter especially when you are troubleshooting some code.
Inside the Project
If you’re curious about the details, have a look at GitHub Repo under the /Scripts folder. And for the final results? Head over to this PowerPoint Slidedeck
A Little Warning
If you decide to play around with the Policies & Scripts, test them in your lab first. It’s easy to make a small mistake and lock yourself out. And trust me, that’s not fun!
Thanks to…
I want to say a big “Thank You” to Claus Jespersen for creating the Conditional Access Framework for Zero Trust. And, to Merill Fernando for his super useful Conditional Access Documenter Toolkit at idpowertoys.com.
Final Thoughts
This project was a big challenge for me, but also a chance to learn a lot. I got to know the Graph PowerShell SDK and found new tools to help in my work as a Microsoft 365 consultant. If you’re thinking of trying something similar, go for it. And remember, every challenge is a chance to learn!
Some More Things to Check Out: