Skip to content

v0.0.3-alpha

Choose a tag to compare

View all tags
@thetolkienblackguy thetolkienblackguy released this 26 Feb 18:40
· 30 commits to main since this release
v0.0.3-alpha
81fe722

ConditionalAccessIQ v0.0.3 Release Notes

Overview

ConditionalAccessIQ, is a PowerShell module that helps administrators track, audit, and visualize changes to Conditional Access policies in Microsoft Entra ID (Azure AD). The module creates comprehensive HTML reports of policy modifications, including detailed before/after comparisons, and provides a complete audit trail for compliance and security purposes.

What's New

  • Improvements:
    • Added support for all Graph environments (Global, US Gov, US Gov DoD, China, Germany)

Upgrade Notes

This version is fully backward compatible with previous versions. No changes to existing scripts or workflows are required.

Installation

Install-Module ConditionalAccessIQ
Import-Module ConditionalAccessIQ

Quick Start

# Connect to Microsoft Graph with required permissions
Connect-MgGraph -Scopes "Policy.Read.All","AuditLog.Read.All","Directory.Read.All"

# Run the main command with default options
Invoke-CAIQ

This generates a comprehensive HTML report (Conditional_Access_Intelligence.html) showing all policy changes from the past 24 hours and automatically opens it in your browser.

Advanced Usage

# Customize date range (UTC format)
Invoke-CAIQ -StartDate "2024-11-01T00:00:00Z" -EndDate "2024-11-15T23:59:59Z" -OutputPath "C:\Reports\CA" -Title "November CA Policy Changes"

Known Limitations

  • Audit Log Retention: Limited to your Entra ID audit log retention period

Requirements

  • PowerShell 5.1 or PowerShell Core (7.x)
  • Microsoft Graph PowerShell SDK

Note: Feedback and feature requests are welcome!

Assets 2
Loading