arcus-azure
diff --git a/‎docs/preview/03-Features/powershell/azure-api-management.md‎
Lines changed: 217 additions & 1 deletion b/‎docs/preview/03-Features/powershell/azure-api-management.md‎
Lines changed: 217 additions & 1 deletion
diff --git a/‎src/Arcus.Scripting.ApiManagement/Arcus.Scripting.ApiManagement.psd1‎
106 Bytes b/‎src/Arcus.Scripting.ApiManagement/Arcus.Scripting.ApiManagement.psd1‎
106 Bytes
diff --git a/‎src/Arcus.Scripting.ApiManagement/Arcus.Scripting.ApiManagement.psm1‎
Lines changed: 55 additions & 7 deletions b/‎src/Arcus.Scripting.ApiManagement/Arcus.Scripting.ApiManagement.psm1‎
Lines changed: 55 additions & 7 deletions
diff --git a/‎src/Arcus.Scripting.ApiManagement/Arcus.Scripting.ApiManagement.pssproj‎
Lines changed: 1 addition & 0 deletions b/‎src/Arcus.Scripting.ApiManagement/Arcus.Scripting.ApiManagement.pssproj‎
Lines changed: 1 addition & 0 deletions
diff --git a/‎src/Arcus.Scripting.ApiManagement/Scripts/Backup-AzApiManagementService.ps1‎
Lines changed: 2 additions & 2 deletions b/‎src/Arcus.Scripting.ApiManagement/Scripts/Backup-AzApiManagementService.ps1‎
Lines changed: 2 additions & 2 deletions
diff --git a/‎src/Arcus.Scripting.ApiManagement/Scripts/Create-AzApiManagementApiOperation.ps1‎
Lines changed: 5 additions & 5 deletions b/‎src/Arcus.Scripting.ApiManagement/Scripts/Create-AzApiManagementApiOperation.ps1‎
Lines changed: 5 additions & 5 deletions
@@ -107,7 +107,7 @@ Sign-up or invite a new user in an existing Azure API Management instance.
 | `Note`              | no        | A note that will be added to the user                                                                                                                               |
 | `SendNotification`  | no        | Wether or not a notification will be sent to the email address of the user                                                                                          |
 | `ConfirmationType`  | no        | The confirmation type that will be used when creating the user, this can be `invite` (default) or `signup`                                                          |
-| `ApiVersion`        | no        | The version of the management API to be used.  (default: `2021-08-01`)                                                                                              |
+| `ApiVersion`        | no        | The version of the management API to be used. (default: `2021-08-01`)                                                                                               |
 | `SubscriptionId`    | no        | The Id of the subscription containing the Azure API Management instance. When not provided, it will be retrieved from the current context (Get-AzContext).          |
 | `AccessToken`       | no        | The access token to be used to add the user to the Azure API Management instance. When not provided, it will be retrieved from the current context (Get-AzContext). |
 
@@ -192,6 +192,222 @@ PS> Create-AzApiManagementUserAccount `
 # Account has been created for $FirstName $LastName ($mailAddress) for Azure API Management service '$ServiceName' in resource group '$ResourceGroupName'
 ```
 
+## Applying user configuration to an Azure API Management service from a configuration file
+
+Apply user configuration to an existing Azure API Management instance. You can create or update users and assign groups and/or subscriptions to these users.
+
+| Parameter                         | Mandatory | Description                                                                                                                                                         |
+| --------------------------------- | --------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------- |
+| `ResourceGroupName`               | yes       | The resource group containing the Azure API Management instance                                                                                                     |
+| `ServiceName`                     | yes       | The name of the Azure API Management instance located in Azure                                                                                                      |
+| `ConfigurationFile`               | yes       | Path to the JSON Configuration file containing the user configuration                                                                                               |
+| `StrictlyFollowConfigurationFile` | no        | The switch to indicate whether the configuration file should strictly be followed, for example remove the user from groups not defined in the configuration file    |
+| `ApiVersion`                      | no        | The version of the management API to be used. (default: `2021-08-01`)                                                                                               |
+| `SubscriptionId`                  | no        | The Id of the subscription containing the Azure API Management instance. When not provided, it will be retrieved from the current context (Get-AzContext).          |
+| `AccessToken`                     | no        | The access token to be used to add the user to the Azure API Management instance. When not provided, it will be retrieved from the current context (Get-AzContext). |
+
+**Configuration File**
+
+The configuration file is a simple JSON file that contains the users that need to be created or updated, the JSON file consists of an array of JSON objects.
+
+
+ The file needs to adhere to the following JSON schema.
+
+ <details>
+
+  <summary>Configuration File</summary>
+
+``` json
+{
+  "$schema": "https://json-schema.org/draft/2020-12/schema",
+  "$id": "https://scripting.arcus-azure.net/Features/powershell/azure-api-management/config.json",
+  "type": "array",
+  "title": "The configuration JSON schema",
+  "$defs": {},
+  "prefixItems": [{
+      "type": "object",
+      "additionalProperties": false,
+      "properties": {
+        "firstName": {
+          "type": "string"
+        },
+        "lastName": {
+          "type": "string"
+        },
+        "userId": {
+          "type": "string"
+        },
+        "mailAddress": {
+          "type": "string"
+        },
+        "sendNotification": {
+          "type": "boolean"
+        },
+        "confirmationType": {
+          "type": "string",
+          "enum": ["signup", "invite"]
+        },
+        "note": {
+          "type": "string"
+        },
+        "groups": {
+          "type": "array",
+          "prefixItems": [{
+              "type": "object",
+              "additionalProperties": false,
+              "properties": {
+                "id": {
+                  "type": "string"
+                },
+                "displayName": {
+                  "type": "string"
+                },
+                "description": {
+                  "type": "string"
+                }
+              },
+              "required": [
+                "id",
+                "displayName"
+              ]
+            }
+          ]
+        },
+        "subscriptions": {
+          "type": "array",
+          "prefixItems": [{
+              "type": "object",
+              "additionalProperties": false,
+              "properties": {
+                "id": {
+                  "type": "string"
+                },
+                "displayName": {
+                  "type": "string"
+                },
+                "scope": {
+                  "type": "string"
+                },
+                "allowTracing": {
+                  "type": "boolean"
+                }
+              },
+              "required": [
+                "id",
+                "displayName",
+                "scope",
+                "allowTracing"
+              ]
+            }
+          ]
+        }
+      },
+      "required": [
+        "firstName",
+        "lastName",
+        "mailAddress",
+        "sendNotification",
+        "confirmationType"
+      ]
+    }
+  ]
+}
+```
+
+</details>
+
+ <details>
+
+  <summary>Example Configuration File</summary>
+
+``` json
+[
+  {
+    "firstName": "John",
+    "lastName": "Doe",
+    "mailAddress": "john@doe.com",
+    "sendNotification": true,
+    "confirmationType": "signup",
+    "note": "This is an optional note",
+    "groups": [
+      {
+        "id": "SomeGroupId",
+        "displayName": "Example Group",
+        "description": "This is a example group"
+      }
+    ],
+    "subscriptions": [
+      {
+        "id": "SomeSubscriptionId",
+        "displayName": "Example Subscription",
+        "scope": "/products/starter",
+        "allowTracing": false
+      }
+    ]
+  },
+  {
+    "firstName": "Jane",
+    "lastName": "Doe",
+    "mailAddress": "jane@doe.com",
+    "sendNotification": true,
+    "confirmationType": "signup",
+    "note": "This is an optional note",
+    "groups": [
+      {
+        "id": "SomeGroupId",
+        "displayName": "Example Group",
+        "description": "This is a example group"
+      },
+	  {
+        "id": "SomeOtherGroupId",
+        "displayName": "Another Example Group",
+        "description": "This is another example group"
+      }
+    ],
+    "subscriptions": [
+      {
+        "id": "SomeSubscriptionId",
+        "displayName": "Example Subscription",
+        "scope": "/products/starter",
+        "allowTracing": false
+      },
+	  {
+        "id": "SomeSOtherubscriptionId",
+        "displayName": "Another Example Subscription",
+        "scope": "/products/starter",
+        "allowTracing": false
+      }
+    ]
+  }
+]
+```
+
+</details>
+
+**Example**
+
+Apply user configuration to an existing Azure API Management instance.
+
+```powershell
+PS> Create-AzApiManagementUserAccountsFromConfig `
+-ResourceGroupName $ResourceGroup `
+-ServiceName $ServiceName `
+-ConfigurationFile ".\config.json"
+# User configuration has successfully been applied for user with ID 'some-id' to Azure API Management service '$ServiceName' in resource group '$ResourceGroup'
+```
+
+Apply user configuration to an existing Azure API Management instance and strictly adhere to the configuration file.
+
+```powershell
+PS> Create-AzApiManagementUserAccountsFromConfig `
+-ResourceGroupName $ResourceGroup `
+-ServiceName $ServiceName `
+-ConfigurationFile ".\config.json" `
+-StrictlyFollowConfigurationFile
+# User configuration has successfully been applied for user with ID 'some-id' to Azure API Management service '$ServiceName' in resource group '$ResourceGroup'
+```
+
+
 ## Removing a user from an Azure API Management service
 
 Remove a user from an existing Azure API Management instance based on e-mail address.
 
@@ -3,7 +3,7 @@
   Backs up an API Management service.
 
  .Description
-  The Backup-AzApiManagement cmdlet backs up an instance of an Azure API Management service by getting the account storage key and creating an new storage context. 
+  The Backup-AzApiManagement cmdlet backs up an instance of an Azure API Management instance by getting the account storage key and creating an new storage context. 
   This cmdlet stores the backup as an Azure Storage blob.
 
  .Parameter ResourceGroupName
@@ -144,10 +144,10 @@ Export-ModuleMember -Function Create-AzApiManagementApiOperation
   [Optional] The confirmation type to use when creating the user, this can be set to 'invite' or 'signup'.
 
  .Parameter ApiVersion
-  [Optional] The version of the api to be used.
+  [Optional] The version of the API to be used.
 
  .Parameter SubscriptionId
-  [Optional] The Id of the subscription containing the Azure API Management service. When not provided, it will be retrieved from the current context (Get-AzContext).
+  [Optional] The Id of the subscription containing the Azure API Management instance. When not provided, it will be retrieved from the current context (Get-AzContext).
 
  .Parameter AccessToken
   [Optional] The access token to be used. When not provided, it will be retrieved from the current context (Get-AzContext).
@@ -177,6 +177,54 @@ function Create-AzApiManagementUserAccount {
 
 Export-ModuleMember -Function Create-AzApiManagementUserAccount
 
+<#
+ .Synopsis
+  Create or update users in Azure API Management.
+
+ .Description
+  Create or update users in an existing Azure API Management instance based on a configuration file.
+
+ .Parameter ResourceGroupName
+  The resource group containing the API Management service.
+
+ .Parameter ServiceName
+  The name of the API Management service located in Azure.
+
+ .Parameter ConfigurationFile
+  The file containing the users and their configuration.
+
+ .Parameter StrictlyFollowConfigurationFile
+  Indicates whether the configuration file should strictly be followed, for example remove the user from groups not defined in the configuration file.
+
+ .Parameter ApiVersion
+  [Optional] The version of the API to be used.
+
+ .Parameter SubscriptionId
+  [Optional] The Id of the subscription containing the Azure API Management instance. When not provided, it will be retrieved from the current context (Get-AzContext).
+
+ .Parameter AccessToken
+  [Optional] The access token to be used. When not provided, it will be retrieved from the current context (Get-AzContext).
+#>
+function Create-AzApiManagementUserAccountsFromConfig {
+    param(
+        [string][Parameter(Mandatory = $true)] $ResourceGroupName = $(throw "Resource group name is required"),
+        [string][parameter(Mandatory = $true)] $ServiceName = $(throw "API management service name is required"),
+        [string][Parameter(Mandatory = $true)] $ConfigurationFile = $(throw "Name of configuration file is required"),
+        [switch][parameter(Mandatory = $false)] $StrictlyFollowConfigurationFile = $false,
+        [string][parameter(Mandatory = $false)] $ApiVersion = "2021-08-01",
+        [string][parameter(Mandatory = $false)] $SubscriptionId,
+        [string][parameter(Mandatory = $false)] $AccessToken
+    )
+    if ($StrictlyFollowConfigurationFile) {
+        . $PSScriptRoot\Scripts\Create-AzApiManagementUserAccountsFromConfig.ps1 -ResourceGroupName $ResourceGroupName -ServiceName $ServiceName -ConfigurationFile $ConfigurationFile -ApiVersion $ApiVersion -SubscriptionId $SubscriptionId -AccessToken $AccessToken -StrictlyFollowConfigurationFile
+    } else {
+        . $PSScriptRoot\Scripts\Create-AzApiManagementUserAccountsFromConfig.ps1 -ResourceGroupName $ResourceGroupName -ServiceName $ServiceName -ConfigurationFile $ConfigurationFile -ApiVersion $ApiVersion -SubscriptionId $SubscriptionId -AccessToken $AccessToken
+    }
+}
+
+Export-ModuleMember -Function Create-AzApiManagementUserAccountsFromConfig
+
+
 <#
  .Synopsis
   Removes a user from Azure API Management.
@@ -194,7 +242,7 @@ Export-ModuleMember -Function Create-AzApiManagementUserAccount
   The e-mail address of the user.
 
  .Parameter SubscriptionId
-  [Optional] The Id of the subscription containing the Azure API Management service. When not provided, it will be retrieved from the current context (Get-AzContext).
+  [Optional] The Id of the subscription containing the Azure API Management instance. When not provided, it will be retrieved from the current context (Get-AzContext).
 
  .Parameter AccessToken
   [Optional] The access token to be used. When not provided, it will be retrieved from the current context (Get-AzContext).
@@ -281,7 +329,7 @@ Export-ModuleMember -Function Remove-AzApiManagementDefaults
  The resource group containing the Azure API Management instance.
 
  .Parameter ServiceName
-  The name of the Azure API Management service located in Azure.
+  The name of the Azure API Management instance located in Azure.
 
  .Parameter ApiId
   The ID to identify the API running in API Management.
@@ -415,7 +463,7 @@ Export-ModuleMember -Function Restore-AzApiManagementService
 function Set-AzApiManagementApiSubscriptionKey {
     param(
         [Parameter(Mandatory = $true)][string] $ResourceGroupName = $(throw = "Resource group name is required"),
-        [Parameter(Mandatory = $true)][string] $ServiceName = $(throw = "Azure API Management service name is required"),
+        [Parameter(Mandatory = $true)][string] $ServiceName = $(throw = "Azure API Management instance name is required"),
         [Parameter(Mandatory = $true)][string] $ApiId = $("API ID to identitfy the Azure API Management instance is required"),
         [Parameter(Mandatory = $false)][string] $HeaderName = "x-api-key",
         [Parameter(Mandatory = $false)][string] $QueryParamName = "apiKey"
@@ -463,7 +511,7 @@ Export-ModuleMember -Function Upload-AzApiManagementCertificate
   Uploads a CA certificate to the Azure API management certificate store.
 
  .Description
-  Uploads a public CA certificate to the Azure API management Root certificate store, allowing certificate validation in the Azure API Management service policy.
+  Uploads a public CA certificate to the Azure API management Root certificate store, allowing certificate validation in the Azure API Management instance policy.
 
  .Parameter ResourceGroupName
   The name of the resource group containing the Azure API Management instance.
 
@@ -33,6 +33,7 @@
     <Compile Include="Arcus.Scripting.ApiManagement.psm1" />
     <Compile Include="Scripts\Backup-AzApiManagementService.ps1" />
     <Compile Include="Scripts\Create-AzApiManagementApiOperation.ps1" />
+    <Compile Include="Scripts\Create-AzApiManagementUserAccountsFromConfig.ps1" />
     <Compile Include="Scripts\Create-AzApiManagementUserAccount.ps1" />
     <Compile Include="Scripts\Import-AzApiManagementProductPolicy.ps1" />
     <Compile Include="Scripts\Remove-AzApiManagementDefaults.ps1" />
 
@@ -22,7 +22,7 @@ if ($storageKeys -eq $null -or $storageKeys.count -eq 0) {
     $storageContext = New-AzStorageContext -StorageAccountName $StorageAccountName -StorageAccountKey $storageKey.Value
     Write-Host "New Azure storage context for storage account '$($StorageAccountName)' with storage key created!" -ForegroundColor Green
 
-    Write-Verbose "Start backing up Azure API management service '$($ServiceName)' in resource group '$($ResourceGroupName)'..."
+    Write-Verbose "Start backing up Azure API Management instance '$($ServiceName)' in resource group '$($ResourceGroupName)'..."
     if ($BlobName -ne $null) {
         if ($PassThru) {
             if ($DefaultProfile -ne $null) {
@@ -53,5 +53,5 @@ if ($storageKeys -eq $null -or $storageKeys.count -eq 0) {
         }
     }
 
-    Write-Host "Azure API management service '$($ServiceName)' in resource group '$($ResourceGroupName)' is backed-up!" -ForegroundColor Green
+    Write-Host "Azure API Management instance '$($ServiceName)' in resource group '$($ResourceGroupName)' is backed-up!" -ForegroundColor Green
 }
@@ -12,20 +12,20 @@ param(
 
 $apim = Get-AzApiManagement -ResourceGroupName $ResourceGroupName -Name $ServiceName
 if ($apim -eq $null) {
-    throw "Unable to find the Azure API Management service '$ServiceName' in resource group '$ResourceGroupName'"
+    throw "Unable to find the Azure API Management instance '$ServiceName' in resource group '$ResourceGroupName'"
 }
 $apimContext = New-AzApiManagementContext -ResourceGroupName $ResourceGroupName -ServiceName $ServiceName
 
 New-AzApiManagementOperation -Context $apimContext -ApiId $ApiId -OperationId $OperationId -Name $OperationName -Method $Method -UrlTemplate $UrlTemplate -Description $Description
-Write-Host "New API operation '$OperationName' was added on Azure API Management service '$ServiceName' in resource group '$ResourceGroupName'"
+Write-Host "New API operation '$OperationName' was added on Azure API Management instance '$ServiceName' in resource group '$ResourceGroupName'"
 
 if($OperationId -eq "" -or $PolicyFilePath -eq "")
 {
-    Write-Warning "No policy has been defined for Azure API Management service '$ServiceName' in resource group '$ResourceGroupName'"
+    Write-Warning "No policy has been defined for Azure API Management instance '$ServiceName' in resource group '$ResourceGroupName'"
 }
 else
 {
-    Write-Verbose "Updating policy of the operation '$OperationId' in API '$ApiId' of the Azure API Management service '$ServiceName' in resource group '$ResourceGroupName'..."
+    Write-Verbose "Updating policy of the operation '$OperationId' in API '$ApiId' of the Azure API Management instance '$ServiceName' in resource group '$ResourceGroupName'..."
     Set-AzApiManagementPolicy -Context $apimContext -ApiId $ApiId -OperationId $OperationId -PolicyFilePath $PolicyFilePath
-    Write-Host "Updated policy of the operation '$OperationId' in API '$ApiId' of the Azure API Management service '$ServiceName' in resource group '$ResourceGroupName'" -ForegroundColor Green
+    Write-Host "Updated policy of the operation '$OperationId' in API '$ApiId' of the Azure API Management instance '$ServiceName' in resource group '$ResourceGroupName'" -ForegroundColor Green
 }
Original file line number	Diff line number	Diff line change
`@@ -22,7 +22,7 @@ if ($storageKeys -eq $null -or $storageKeys.count -eq 0) {`
`22`	`22`	`$storageContext = New-AzStorageContext -StorageAccountName $StorageAccountName -StorageAccountKey $storageKey.Value`
`23`	`23`	`Write-Host "New Azure storage context for storage account '$($StorageAccountName)' with storage key created!" -ForegroundColor Green`
`24`	`24`
`25`		`- Write-Verbose "Start backing up Azure API management service '$($ServiceName)' in resource group '$($ResourceGroupName)'..."`
	`25`	`+ Write-Verbose "Start backing up Azure API Management instance '$($ServiceName)' in resource group '$($ResourceGroupName)'..."`
`26`	`26`	`if ($BlobName -ne $null) {`
`27`	`27`	`if ($PassThru) {`
`28`	`28`	`if ($DefaultProfile -ne $null) {`
`@@ -53,5 +53,5 @@ if ($storageKeys -eq $null -or $storageKeys.count -eq 0) {`
`53`	`53`	`}`
`54`	`54`	`}`
`55`	`55`
`56`		`- Write-Host "Azure API management service '$($ServiceName)' in resource group '$($ResourceGroupName)' is backed-up!" -ForegroundColor Green`
	`56`	`+ Write-Host "Azure API Management instance '$($ServiceName)' in resource group '$($ResourceGroupName)' is backed-up!" -ForegroundColor Green`
`57`	`57`	`}`
Original file line number	Diff line number	Diff line change
`@@ -12,20 +12,20 @@ param(`
`12`	`12`
`13`	`13`	`$apim = Get-AzApiManagement -ResourceGroupName $ResourceGroupName -Name $ServiceName`
`14`	`14`	`if ($apim -eq $null) {`
`15`		`- throw "Unable to find the Azure API Management service '$ServiceName' in resource group '$ResourceGroupName'"`
	`15`	`+ throw "Unable to find the Azure API Management instance '$ServiceName' in resource group '$ResourceGroupName'"`
`16`	`16`	`}`
`17`	`17`	`$apimContext = New-AzApiManagementContext -ResourceGroupName $ResourceGroupName -ServiceName $ServiceName`
`18`	`18`
`19`	`19`	`New-AzApiManagementOperation -Context $apimContext -ApiId $ApiId -OperationId $OperationId -Name $OperationName -Method $Method -UrlTemplate $UrlTemplate -Description $Description`
`20`		`-Write-Host "New API operation '$OperationName' was added on Azure API Management service '$ServiceName' in resource group '$ResourceGroupName'"`
	`20`	`+Write-Host "New API operation '$OperationName' was added on Azure API Management instance '$ServiceName' in resource group '$ResourceGroupName'"`
`21`	`21`
`22`	`22`	`if($OperationId -eq "" -or $PolicyFilePath -eq "")`
`23`	`23`	`{`
`24`		`- Write-Warning "No policy has been defined for Azure API Management service '$ServiceName' in resource group '$ResourceGroupName'"`
	`24`	`+ Write-Warning "No policy has been defined for Azure API Management instance '$ServiceName' in resource group '$ResourceGroupName'"`
`25`	`25`	`}`
`26`	`26`	`else`
`27`	`27`	`{`
`28`		`- Write-Verbose "Updating policy of the operation '$OperationId' in API '$ApiId' of the Azure API Management service '$ServiceName' in resource group '$ResourceGroupName'..."`
	`28`	`+ Write-Verbose "Updating policy of the operation '$OperationId' in API '$ApiId' of the Azure API Management instance '$ServiceName' in resource group '$ResourceGroupName'..."`
`29`	`29`	`Set-AzApiManagementPolicy -Context $apimContext -ApiId $ApiId -OperationId $OperationId -PolicyFilePath $PolicyFilePath`
`30`		`- Write-Host "Updated policy of the operation '$OperationId' in API '$ApiId' of the Azure API Management service '$ServiceName' in resource group '$ResourceGroupName'" -ForegroundColor Green`
	`30`	`+ Write-Host "Updated policy of the operation '$OperationId' in API '$ApiId' of the Azure API Management instance '$ServiceName' in resource group '$ResourceGroupName'" -ForegroundColor Green`
`31`	`31`	`}`