Download latest Microsoft Service Tags

Ishan jain November 23, 2024 19:22

It is not easy to get latest service tags from Microsoft during a deployment.

Microsoft has a list for service tags, a collection of services and IPs. The list of IPs in the Service Tags can be used to white list a certain Microsoft hosted application.

For example, you are migrating from an old Dynamics Navision to D365 Business Central. To keep your workflows and integrations working you need to allow D365 to access some resources still hosted on-premises. With the help of the IPs list in the Service Tags, you know which IPs to whitelist in your on-premises firewall.

Microsoft does provides the a REST API and downloadable json file. There are also Azure PowerShell and Azure CLI commands for retrieving the list.

But there is no easy way to fetch the latest the information in either Bicep/ARM or Terraform/OpenTofu.
Sure you can use Azure PowerShell or Azure CLI as deploymentScripts in bicep, but both Azure PowerShell and Azure CLI requires you to login first. Same applies for local-exec/remote-exec in Terraform, specially if you are deploying as part of a pipeline on a build agent.

Here is a simple shell/bash snippet:

curl -O $(curl https://www.microsoft.com/en-us/download/details.aspx?id=56519 | grep -Po "\"https:\/\/download\.microsoft\.com\/download\/(.*)\.json\","  | cut -d '"' -f 2)

The snippet above will get the latest url for the json from the downloads page (only tested with downloads page the public cloud) and download the json file.
You can omit the -O argument and pipe the result from stdout to something like jq:

curl $(curl https://www.microsoft.com/en-us/download/details.aspx?id=56519 | grep -Po "\"https:\/\/download\.microsoft\.com\/download\/(.*)\.json\","  | cut -d '"' -f 2) | jq

Resources