Azure Stack Hub privileged endpoint reference

The Azure Stack Hub privileged endpoint (PEP) is a pre-configured remote PowerShell console that provides you with the capabilities to perform a required task. The endpoint uses PowerShell JEA (Just Enough Administration) to expose only a restricted set of cmdlets.

Privileged endpoint cmdlets

Cmdlet	Description
Close-PrivilegedEndpoint	No description.
Get-ActionStatus	Gets the status of the latest action for the operation with the specified function name.
Get-AzsDnsForwarder	Get the DNS forwarder IP addresses used by Azure Stack Hub
Get-AzSDnsServerSettings	Get DNS server settings
Get-AzSLegalNotice	Get legal notice caption and text
Get-AzureStackLog	Get logs from various roles of AzureStack with timeout.
Get-AzureStackStampInformation	Gets the stamp information.
Get-AzureStackSupportConfiguration	Gets Support Service configuration settings.
Get-CloudAdminPasswordRecoveryToken	No description.
Get-CloudAdminUserList	No description.
Get-ClusterLog	No description.
Get-GraphApplication	Get-GraphApplication is a wrapper function to get the Graph application information for the application Name or Identifier specified.
Get-StorageJob	No description.
Get-SupportSessionInfo	No description.
Get-SupportSessionToken	No description.
Get-SyslogClient	Gets the syslog Client settings.
Get-SyslogServer	Gets the syslog server endpoint.
Get-ThirdPartyNotices	No description.
Get-TLSPolicy	No description.
Get-VirtualDisk	No description.
Invoke-AzureStackOnDemandLog	Generates on demand logs from AzureStack roles where applicable.
New-AzureBridgeServicePrincipal	Creates a new service principal in Microsoft Entra ID.
New-AzureStackActivation	Activate Azure Stack.
New-CloudAdminUser	No description.
New-GraphApplication	New-GraphApplication is a wrapper function to call ADFS Graph cmdlets on AD FS.
New-RegistrationToken	Creates a new registration token
Register-CustomAdfs	Script to register custom Active Directory Federation Service (ADFS) as claims provider with Azure Stack AD FS.
Register-CustomDnsServer	Script to register custom DNS servers with Azure Stack DNS.
Register-DirectoryService	Script to register customer Active Directory with Graph Service.
Remove-AzureStackActivation	No description.
Remove-CloudAdminUser	No description.
Remove-GraphApplication	Remove-GraphApplication is a wrapper function to call ADFS Graph cmdlets on AD FS.
Repair-VirtualDisk	No description.
Reset-DatacenterIntegrationConfiguration	Script to reset Datacenter Integration changes.
Send-AzureStackDiagnosticLog	Sends Azure Stack Diagnostic Logs to Microsoft.
Set-AzSLegalNotice	Set legal notice caption and text
Set-AzsDnsForwarder	Update the DNS forwarder IP addresses used by Azure Stack Hub
Set-AzSDnsServerSettings	Update DNS server settings
Set-CloudAdminUserPassword	No description.
Set-GraphApplication	Set-GraphApplication is a wrapper function to call ADFS Graph cmdlets on AD FS.
Set-ServiceAdminOwner	Script used for both Microsoft Entra ID and AD FS systems to update the service administrator.
Set-SyslogClient	Imports and applies syslog client endpoint certificate.
Set-SyslogServer	Sets the syslog server endpoint.
Set-Telemetry	Enables or disables the transfer of telemetry data to Microsoft.
Set-TLSPolicy	No description.
Start-AzsCryptoWipe	Performs cryptographic wipe of Azure Stack Hub infrastructure.
Start-AzureStack	Starts all Azure Stack services.
Start-SecretRotation	Triggers secret rotation on a stamp.
Stop-AzureStack	Stops all Azure Stack services.
Test-AzureStack	Validates the status of Azure Stack.
Unlock-SupportSession	No description.

Next steps

For more information about the Privileged Endpoint on Azure Stack Hub, see Using the privileged endpoint in Azure Stack.