Grants an Azure Service Principle READ access to the Subscription

GrantServicePrincipleAzureSubscriptionReadAccess.ps1

$Subscription = "<Subscription-GUID>"
$ApplicationName = "<AppName>"
$ServicePrincipal = Get-AzureRMADServicePrincipal -DisplayName $ApplicationName
Set-AzureRmContext -Subscription $Subscription
$NewRole = $null
$Retries = 0;
While ($NewRole -eq $null -and $Retries -le 6) {
    Sleep 15
    New-AzureRMRoleAssignment -ResourceGroupName -RoleDefinitionName Reader -ServicePrincipalName $ServicePrincipal.ApplicationId | Write-Verbose -ErrorAction SilentlyContinue
    $NewRole = Get-AzureRMRoleAssignment -ObjectId $ServicePrincipal.Id -ErrorAction SilentlyContinue
    $Retries++;
}
$NewRole