Last active
March 28, 2020 21:07
-
-
Save javaadpatel/02feed39d8728a9d53ac97176e53e293 to your computer and use it in GitHub Desktop.
Azure Service Principal Creation script (repository link: https://github.com/javaadpatel/Medium_Securing_Traefik_Dashboard)
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# login to azure | |
az login | |
# variables | |
$replyUrls = "https://traefik.YOURDOMAIN.com/_oauth", "https://traefikauth.YOURDOMAIN.com/_oauth" | |
$applicationName = "TraefikDashboardAuthentication" | |
# create application | |
$applicationRaw = az ad app create --display-name $applicationName --reply-urls $replyUrls | |
$application = $applicationRaw | ConvertFrom-Json | |
Write-Output "Successfully created Azure AD application"; | |
# create application secret | |
$credentialsRaw = az ad app credential reset --id $application.appId --credential-description "traefikSecret" | |
$credentials = $credentialsRaw | ConvertFrom-Json | |
Write-Output "Successfully created Azure AD application secret"; | |
# add api permissions (Azure Active Directory -> User.Read permission) | |
$api = "00000002-0000-0000-c000-000000000000"; | |
$apiPermissions = "311a71cc-e848-46a1-bdf8-97ff7156d8e6=Scope" | |
az ad app permission add --id $application.appId --api $api --api-permissions $apiPermissions | |
# grant api permissions (Azure Active Directory -> User.Read permission) | |
az ad app permission admin-consent --id $application.appId | |
Write-Output " -----------------------------" | |
Write-Output "Application Id: $($application.appId)" | |
Write-Output "Application Secret: $($credentials.password)" | |
Write-Output " -----------------------------" | |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment