Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Replace Entra Id export provider cmdlets with direct calls to REST API endpoint for performance (part 2) #1595

Open
8 tasks
tkol2022 opened this issue Feb 24, 2025 · 0 comments
Open
8 tasks

Replace Entra Id export provider cmdlets with direct calls to REST API endpoint for performance (part 2) #1595

tkol2022 opened this issue Feb 24, 2025 · 0 comments

Comments

@tkol2022
Copy link
Collaborator

tkol2022 commented Feb 24, 2025
edited
Loading

💡 Summary

Based on #1592 we are replacing the cmdlets contained in the MS Graph Powershell modules listed below with directly calls to their respective REST API endpoint for significant improvements.

  • Microsoft.Graph.Applications
  • Microsoft.Graph.Beta.Identity.DirectoryManagement
  • Microsoft.Graph.Beta.DirectoryObjects

Motivation and context

The Entra Id provider is the slowest of the M365 services audited by ScubaGear and we are continuously improving its performance for a better user experience, faster automation (i.e. processes like GitHub actions run much faster) and increased productivity for the development (because we spend less time waiting for the provider to execute.

Implementation notes

Perform these actions for each of the three modules noted above

  • Canvass the ExportAADProvider.psm1 file to determine which cmdlets from the modules above need to be replaced
  • For each of the cmdlets identified determine its Graph REST URI (e.g. /beta/users/{id}) and modify $GraphEndpoints hashtable at the top of the file to include the cmdlet name and REST URI
  • Replace the part of the code that calls each cmdlet with a call to our custom function Invoke-GraphDirectly instead
  • Each of the cmdlets return an object. You will need to modify references to the return objects because the field names that come back from the REST endpoints are slightly different than the ones that the cmdlets use. In general you should hopefully just need to change the case of the starting letter of a field name from caps (e.g. D) to lower case (e.g. d). See separate comment below for screenshots.
  • Modify the Rego rulesets that reference any of the affected field names. Those will also need to change from starting with upper case to starting with lower case.
  • Modify the Rego unit tests
  • Modify the Powershell unit tests (if there are any affected by these changes)
  • Remove the Powershell modules from our installation dependencies list in RequiredVersions.ps1
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@tkol2022