Silverlight digital
3/26/2023

The more I use Azure, the more often I find myself needing to assign various managed identities / service principals to various groups and roles, and while that can be done in the Portal, it's cumbersome and I'd prefer to automate it. So in this post I'll share a few Azure CLI commands that should prove useful whenever you're configuring service principals.

Suppose you know the name of the service principal, but not the "object id", which is required for assigning it to groups and roles. You can use a filter with the az ad sp list command to find that service principal and then a query to pick out just the object id. Note that you should avoid using the query parameter to find the matching name: the query only applies to the first page of results, so it will likely not find it.

$objectId = az ad sp list --filter "displayname eq '$spName'" `

Note that the object id is different from the app id. If you do need the app id for any reason, you just need to change the query parameter:

$appId = az ad sp list --filter "displayname eq '$spName'" `

Suppose we want to add the service principal to a group. We need the group id to do that, and if we need to look it up, we can do so with the az ad group list command and a filter.

$groupId = az ad group list --filter "displayname eq '$groupName'" `

Then the az ad group member add command allows us to add the object id of our service principal to the group.

az ad group member add --group $groupId --member-id $objectId
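The lookup and group assignment described above, combined into one script, as an added example that is not part of the original post. It goes a little further than the text: it refuses to continue unless exactly one object matches the display name (display names are not unique in the directory, so a blind first match could put the wrong identity into a group), and it checks membership before adding. The helper name Get-SingleObjectId and the two display names are hypothetical, and reading the object id from `id` (falling back to `objectId` on older CLI versions) is an assumption about the JSON your Azure CLI version returns.

```powershell
# Added example. Placeholder display names; replace with your own.
$spName    = 'my-service-principal'
$groupName = 'my-security-group'

function Get-SingleObjectId {
    # Hypothetical helper: resolve a display name to exactly one object id.
    param([string[]]$ListCommand, [string]$DisplayName)

    # OData string literals escape a single quote by doubling it.
    $escaped = $DisplayName.Replace("'", "''")

    # --filter runs server-side over the whole directory, unlike --query,
    # which only sees the results the CLI has already fetched.
    $json = az @ListCommand --filter "displayname eq '$escaped'" -o json
    if ($LASTEXITCODE -ne 0) { throw "az $($ListCommand -join ' ') failed" }

    # Unroll so the count is right on both Windows PowerShell and PowerShell 7.
    $found = @(($json | Out-String | ConvertFrom-Json) | ForEach-Object { $_ })

    if ($found.Count -eq 0) { throw "No object named '$DisplayName'" }
    if ($found.Count -gt 1) {
        throw "'$DisplayName' matches $($found.Count) objects; refusing to guess"
    }

    # Assumption: newer CLI versions expose the object id as 'id',
    # older ones as 'objectId'.
    if ($found[0].id) { return $found[0].id }
    return $found[0].objectId
}

$objectId = Get-SingleObjectId -ListCommand 'ad','sp','list'    -DisplayName $spName
$groupId  = Get-SingleObjectId -ListCommand 'ad','group','list' -DisplayName $groupName

# Skip the add when the principal is already a member, so re-runs are safe.
$isMember = az ad group member check --group $groupId --member-id $objectId `
    --query value -o tsv
if ($LASTEXITCODE -ne 0) { throw 'Membership check failed' }

if ($isMember -eq 'true') {
    Write-Host "$spName ($objectId) is already a member of $groupName"
} else {
    az ad group member add --group $groupId --member-id $objectId
    if ($LASTEXITCODE -ne 0) { throw 'Adding the group member failed' }
    Write-Host "Added $spName ($objectId) to $groupName ($groupId)"
}
```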