I designed it to look for "Matillion" in the app registration name; feel free to substitute your own search term.
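# Prerequisite (run once): install the AzureAD module.
#   Install-Module AzureAD
# NOTE(review): Microsoft has deprecated the AzureAD module in favour of the
# Microsoft Graph PowerShell SDK; plan to port this audit - confirm the
# retirement status before relying on it.
#
# Every other AzureAD cmdlet needs an authenticated session, so sign in first.
# Stop here if sign-in fails: the rest of the script would otherwise collect
# nothing and print "No secrets found ...", which reads as a clean result.
# NOTE(review): a read-only directory role is presumably enough for this
# audit - verify, and avoid running it from a privileged admin session.
try {
    Connect-AzureAD -ErrorAction Stop
}
catch {
    throw "Connect-AzureAD failed; aborting so the report is not a false all-clear: $_"
}

# Look-ahead window in days: credentials ending before (now + this many days)
# are reported. 30 is only an example value.
$LimitExpirationDays = 30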
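# Build the list of application credentials (password credentials and key
# credentials) whose EndDate is earlier than the cutoff.
# Credentials that have ALREADY expired also satisfy the comparison, so they
# appear in the result alongside the ones that are about to expire.
# The report object carries only metadata fields (names, ids, type, end date).

# Compute the cutoff once so every credential is compared to the same instant
# instead of calling Get-Date again for each one.
# NOTE(review): Get-Date returns local time; if EndDate is reported in UTC the
# window is off by the local UTC offset - confirm against your tenant.
$ExpirationCutoff = (Get-Date).AddDays($LimitExpirationDays)

$SecretsToExpire = Get-AzureADApplication -All:$true | ForEach-Object {
    # Keep a handle on the application: $_ is rebound inside the inner pipeline.
    $app = $_

    @(
        Get-AzureADApplicationPasswordCredential -ObjectId $app.ObjectId
        Get-AzureADApplicationKeyCredential -ObjectId $app.ObjectId
    ) | Where-Object {
        $_.EndDate -lt $ExpirationCutoff
    } | ForEach-Object {
        # CustomKeyIdentifier is optional; fall back to a fixed label.
        # NOTE(review): the bytes are decoded as UTF-8 for both credential
        # types; for key credentials this may not be readable text - verify.
        $id = "Not set"
        if ($_.CustomKeyIdentifier) {
            $id = [System.Text.Encoding]::UTF8.GetString($_.CustomKeyIdentifier)
        }

        [PSCustomObject] @{
            App           = $app.DisplayName
            ObjectID      = $app.ObjectId
            AppId         = $app.AppId
            Type          = $_.GetType().name
            KeyIdentifier = $id
            EndDate       = $_.EndDate
        }
    }
}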
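# Narrow the report to app registrations whose display name contains
# "Matillion"; change the -like pattern to match your own naming.
# @( ) forces an array, so .Count is reliable for zero or one match as well.
$MatillionExpires = @($SecretsToExpire | Where-Object { $_.App -like '*Matillion*' })

# Print the credentials that are close to (or past) their end date.
# The emptiness check uses the FILTERED list, the same one that is printed.
# Testing the unfiltered list instead would print the header followed by a
# count of 0 whenever only non-matching applications had expiring credentials.
if ($MatillionExpires.Count -eq 0) {
    Write-Output "No secrets found that will expire in this range"
}
else {
    Write-Output "Secrets that will expire in this range:"
    Write-Output $MatillionExpires.Count
    Write-Output $MatillionExpires
}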