The latest articles on DEV Community by Ibrahim Abdulsalam (@asonym100). https://dev.to/asonym100 https://media2.dev.to/dynamic/image/width=90,height=90,fit=cover,gravity=auto,format=auto/https:%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Fuser%2Fprofile_image%2F1150745%2F8607b3fd-544c-4f21-9712-6b99947fcdc7.png https://dev.to/asonym100 en Ibrahim Abdulsalam Sat, 16 Dec 2023 00:57:03 +0000 https://dev.to/asonym100/automated-onboarding-azure-project-p2 https://dev.to/asonym100/automated-onboarding-azure-project-p2 <h2> <strong>Project Intro</strong> </h2> <p>I have been working on some hands on projects in Azure to further build and expand my cloud skills. This project is one of the project ideas inspired by <a href="https://www.linkedin.com/in/madebygps/">Gwyneth Peña-Siguenza</a>. Big shout out to her for all the incredible content she puts out. I highly recommend her youtube <a href="https://www.youtube.com/@MadeByGPS">channel</a> for anyone who is looking to advance their career. </p> <p>The aim of the project is to streamline and automate the process of onboarding a new employee into Azure AD now known as Entra ID, and assigning the user necessary Azure resources. Utilizing Azure Logic Apps, the process is to have the new team member details input into Logic Apps which then creates the user account, adds them to a group and assigns them neccessary roles and permissions. Thereafter, finally sends a welcome email to the manager advising of account creation. I used the HTTP request option, making use of the Thunder Client VSCode extension to trigger the Logic App workflow.</p> <p><a href="https://res.cloudinary.com/practicaldev/image/fetch/s--AEiibUTe--/c_limit%2Cf_auto%2Cfl_progressive%2Cq_auto%2Cw_800/https://dev-to-uploads.s3.amazonaws.com/uploads/articles/ex23m49ve0n3ja1xze9r.jpeg" class="article-body-image-wrapper"><img src="https://res.cloudinary.com/practicaldev/image/fetch/s--AEiibUTe--/c_limit%2Cf_auto%2Cfl_progressive%2Cq_auto%2Cw_800/https://dev-to-uploads.s3.amazonaws.com/uploads/articles/ex23m49ve0n3ja1xze9r.jpeg" alt="Image description" width="708" height="730"></a></p> <h2> <strong>Project Steps</strong> </h2> <p>The resources needed for the project are:</p> <ul> <li><p>Azure Account</p></li> <li><p>Entra ID</p></li> <li><p>Azure Logic Apps</p></li> <li><p>Azure Resource Manager </p></li> <li><p>VSCode and Thunder Client extension</p></li> </ul> <p>The first step of the project is to have your Azure account and Entra ID tenant set up, once that is set up then we go ahead and create a basic group that we can add our new starter into. </p> <p>Next line of action is to create our Logic App. In the creation, I selected the consumption-based plan so I'm only paying for whenever the workflow runs. Once the Logic App is deployed, next step is to go into the logic app designer pane and begin creating our app.</p> <p>To start the workflow, a trigger needs to be selected. I selected the "When a HTTP request is received" trigger. The trigger asks for a JSON Schema which I generated using this site <a href="https://www.liquid-technologies.com/online-json-to-schema-converter">JSON to JSON Schema Converter.</a> and added it to the trigger.</p> <p>Next step is to create our actions. As earlier stated, we need the Logic App to create the user account, add the user to a group along with necessary roles and access assignment, and finally sending a welcome email to the manager to advise of the account creation. </p> <p>The first action is to create our user in our Microsoft Entra ID tenant. I filled in the boxes of the create user action by using dynamic content and concat functions to pull data from the JSON in the HTTP request. </p> <p><a href="https://res.cloudinary.com/practicaldev/image/fetch/s--xDL4Y8ll--/c_limit%2Cf_auto%2Cfl_progressive%2Cq_auto%2Cw_800/https://dev-to-uploads.s3.amazonaws.com/uploads/articles/kf6ihfujhbyavu4n5e2q.png" class="article-body-image-wrapper"><img src="https://res.cloudinary.com/practicaldev/image/fetch/s--xDL4Y8ll--/c_limit%2Cf_auto%2Cfl_progressive%2Cq_auto%2Cw_800/https://dev-to-uploads.s3.amazonaws.com/uploads/articles/kf6ihfujhbyavu4n5e2q.png" alt="HTTP Request and Create User" width="732" height="902"></a></p> <p>Now with the create user action completed, I moved on to the next action to add the user to the group which I created earlier in my Microsoft Entra ID. To add the user to the group, 2 things are needed. The Group ID which I can grab from the Group details pane, and the User ID. The User ID, like previously in the Create User action, can be grabbed using Dynamic content.</p> <p>With the user created and added to our specified group, the final step in the workflow was to add the action to send the welcome email to advise of the account creation</p> <p><a href="https://res.cloudinary.com/practicaldev/image/fetch/s--m7dG7jah--/c_limit%2Cf_auto%2Cfl_progressive%2Cq_auto%2Cw_800/https://dev-to-uploads.s3.amazonaws.com/uploads/articles/py3nmr2dlqjsgdks50dy.png" class="article-body-image-wrapper"><img src="https://res.cloudinary.com/practicaldev/image/fetch/s--m7dG7jah--/c_limit%2Cf_auto%2Cfl_progressive%2Cq_auto%2Cw_800/https://dev-to-uploads.s3.amazonaws.com/uploads/articles/py3nmr2dlqjsgdks50dy.png" alt="Group and Email" width="732" height="740"></a></p> <p>Now with our logic app workflow completed and saved, it's time to put the Thunder Client extension to work in VSCode. I loaded up VSCode and opened the Thunder Client extension, selecting the POST option and pasting the Post URL copied from our HTTP trigger to the POST field. I then added the JSON body of the required parameters that the Logic App requested, and sent the request.</p> <p><a href="https://res.cloudinary.com/practicaldev/image/fetch/s--R5FfCwxN--/c_limit%2Cf_auto%2Cfl_progressive%2Cq_auto%2Cw_800/https://dev-to-uploads.s3.amazonaws.com/uploads/articles/3hwrghz2s4b61hwiyyu6.png" class="article-body-image-wrapper"><img src="https://res.cloudinary.com/practicaldev/image/fetch/s--R5FfCwxN--/c_limit%2Cf_auto%2Cfl_progressive%2Cq_auto%2Cw_800/https://dev-to-uploads.s3.amazonaws.com/uploads/articles/3hwrghz2s4b61hwiyyu6.png" alt="VSCode Thunder Client" width="800" height="237"></a></p> <p>With the request sent, I headed back to Azure Portal to verify that the run was successful. I checked and confirmed the user was indeed created in Entra ID and also made sure the user was in the group specified. I also checked my email to confirm I received the welcome email advising of the account creation.</p> <p><a href="https://res.cloudinary.com/practicaldev/image/fetch/s--bghAaBCg--/c_limit%2Cf_auto%2Cfl_progressive%2Cq_auto%2Cw_800/https://dev-to-uploads.s3.amazonaws.com/uploads/articles/r9dzyn0xosjt9oja5uk1.png" class="article-body-image-wrapper"><img src="https://res.cloudinary.com/practicaldev/image/fetch/s--bghAaBCg--/c_limit%2Cf_auto%2Cfl_progressive%2Cq_auto%2Cw_800/https://dev-to-uploads.s3.amazonaws.com/uploads/articles/r9dzyn0xosjt9oja5uk1.png" alt="Users" width="800" height="426"></a></p> <h2> <strong>Conclusion</strong> </h2> <p>This mini project was excellent and I had lots of fun building it. The project has helped further my understanding of Entra ID and its services such as Privileged Identity Management (PIM), enabling me to effectively manage, control, and monitor access to important resources. I have also honed my skills in designing automation workflows using Azure Logic Apps, using triggers and actions tailored for specific tasks.</p> <p>Till next time when I bring you another of my Azure projects, stay blessed and thank you for taking the time to give this a read!</p> azure logicapps entraid azureproject