Create an AAD service principal and configure it for AAD authentication for the Azure PowerShell cmdlets
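# Sign in as a user in the Owner role
Add-AzureAccount
# Sign in to MSOL
Connect-MsolService
# Placeholder values: replace each one before running
$servicePrincipalName = "http://UniqueName"
$displayName = "UniqueDisplayName"
$addressName = "http://UniqueName"
# Placeholder secret: supply the real value at run time instead of saving it in the script
$strongPassword = "StrongPassword"
# Tenant the service principal signs in to (placeholder; it is used by Add-AzureAccount -Tenant)
$tenantId = "<tenant-id>"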
# Create a service principal
$address = New-MsolServicePrincipalAddresses -Address $addressName -AddressType Reply
New-MsolServicePrincipal -ServicePrincipalNames $servicePrincipalName -DisplayName $displayName -Type Password -Value $strongPassword -Addresses $address
Get-MsolServicePrincipal -ServicePrincipalName $servicePrincipalName
# Add the service principal to a role
New-AzureRoleAssignment -ServicePrincipalName $servicePrincipalName -RoleDefinitionName "Reader"
Get-AzureRoleAssignment | Select-Object DisplayName, ServicePrincipalName
# Configure the service principal as a PowerShell account
$appPrincipalId = (Get-MsolServicePrincipal -ServicePrincipalName $servicePrincipalName).AppPrincipalId
$securePassword = ConvertTo-SecureString $strongPassword -AsPlainText -Force
$secureCredential = New-Object System.Management.Automation.PSCredential($appPrincipalId, $securePassword)
Add-AzureAccount -ServicePrincipal -Tenant $tenantId -Credential $secureCredential