AzureADSPN.ps1
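# Adds the Function App's Service Principal to the "Directory Readers"
# Azure AD directory role, then lists the role's members.

# Sign in to Azure AD. Global Admin works, but an account holding
# Privileged Role Administrator is enough to manage directory role
# membership and is the lower-privilege choice.
Connect-AzureAD

# Get the Service Principal for the Function App.
# -SearchString is not an exact match and can return more than one principal,
# so narrow to the exact display name and insist on a single result before
# any role is granted to it.
$faSpnName = "faElvenGraph"
$faSpn = @(Get-AzureADServicePrincipal -SearchString $faSpnName |
    Where-Object { $_.DisplayName -eq $faSpnName })
if ($faSpn.Count -ne 1) {
    throw "Expected exactly one Service Principal named '$faSpnName', found $($faSpn.Count)."
}
$faSpn = $faSpn[0]

# Show the identifying properties so the operator can confirm this is the
# intended principal (compare AppId with the Function App's identity).
$faSpn | Select-Object ObjectId, ObjectType, AlternativeNames,
    AppId, DisplayName, ServicePrincipalType

# Get the Directory Role. Get-AzureADDirectoryRole only returns roles that
# are already activated in the tenant, so guard against an empty result
# instead of passing a null ObjectId to the next call.
$role = Get-AzureADDirectoryRole | Where-Object { $_.DisplayName -eq "Directory Readers" }
if (-not $role) {
    throw "Directory role 'Directory Readers' was not returned by Get-AzureADDirectoryRole; it may not be activated in this tenant."
}

# Add the Service Principal to the Directory Role, unless it is already a
# member (re-adding an existing member fails). Directory Readers is a
# tenant-wide read grant, so this is the step to review.
$alreadyMember = Get-AzureADDirectoryRoleMember -ObjectId $role.ObjectId |
    Where-Object { $_.ObjectId -eq $faSpn.ObjectId }
if (-not $alreadyMember) {
    Add-AzureADDirectoryRoleMember -ObjectId $role.ObjectId -RefObjectId $faSpn.ObjectId
}

# List Members in the Role to verify the result
Get-AzureADDirectoryRoleMember -ObjectId $role.ObjectId

# If you want to remove from the Role, uncomment and use the following
#Remove-AzureADDirectoryRoleMember -ObjectId $role.ObjectId -MemberId $faSpn.ObjectId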