Skip to content

Instantly share code, notes, and snippets.

What would you like to do?
Grants an Azure Service Principle READ access to the Subscription
$Subscription = "<Subscription-GUID>"
$ApplicationName = "<AppName>"
$ServicePrincipal = Get-AzureRMADServicePrincipal -DisplayName $ApplicationName
Set-AzureRmContext -Subscription $Subscription
$NewRole = $null
$Retries = 0;
While ($NewRole -eq $null -and $Retries -le 6) {
Sleep 15
New-AzureRMRoleAssignment -ResourceGroupName -RoleDefinitionName Reader -ServicePrincipalName $ServicePrincipal.ApplicationId | Write-Verbose -ErrorAction SilentlyContinue
$NewRole = Get-AzureRMRoleAssignment -ObjectId $ServicePrincipal.Id -ErrorAction SilentlyContinue
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment