Your credentials are shared among multiple PowerShell sessions as long as you remain signed in. For more information, see Azure PowerShell context objects.

Sign in interactively

To sign in interactively, use the Connect-AzAccount cmdlet. This cmdlet presents an interactive browser-based login prompt by default. Use the Get-AzContext cmdlet to store your tenant ID in a variable to be used in the next two sections of this article.

You can specify the UseDeviceAuthentication parameter to use device code authentication instead of a browser control.

```powershell
Connect-AzAccount -UseDeviceAuthentication
```

Service principals are non-interactive Azure accounts. Like other user accounts, their permissions are managed with Azure Active Directory. By granting a service principal only the permissions it needs, your automation scripts stay secure.

To learn how to create a service principal for use with Azure PowerShell, see Create an Azure service principal with Azure PowerShell.

How you sign in with a service principal depends on whether it's configured for password-based or certificate-based authentication.

To sign in with a service principal, use the ServicePrincipal parameter of the Connect-AzAccount cmdlet. You'll also need the service principal's application ID, sign-in credentials, and the tenant

Password-based authentication

Create a service principal to be used in the examples in this section. For more information, see Create an Azure service principal with Azure PowerShell.

```powershell
$sp = New-AzADServicePrincipal -DisplayName ServicePrincipalName
```

Ensure this directory has appropriate protections. The provided service principal secret is stored in the AzureRmContext.json file in your user

To get the service principal's credentials as the appropriate object, use the Get-Credential cmdlet. This cmdlet presents a prompt for a username and password. Use the service principal's applicationID for the username and convert its secret to plain text for the password.

```powershell
# Retrieve the plain text password for use with `Get-Credential` in the next command.
$sp.PasswordCredentials.SecretText

$pscredential = Get-Credential -UserName $sp.AppId
Connect-AzAccount -ServicePrincipal -Credential $pscredential -Tenant $tenantId
```

For automation scenarios, you need to create credentials from a service principal's AppId and SecretText:

```powershell
# Wrap the secret in a SecureString, then build the PSCredential object non-interactively.
$SecureStringPwd = $sp.PasswordCredentials.SecretText | ConvertTo-SecureString -AsPlainText -Force
$pscredential = New-Object -TypeName System.Management.Automation.PSCredential -ArgumentList $sp.AppId, $SecureStringPwd
```

Make sure that you use good password storage practices when automating service principal connections.

Certificate-based authentication

Certificate-based authentication requires that Azure PowerShell can retrieve information from a local certificate store based on a certificate thumbprint.

```powershell
# <thumbprint> is a placeholder for the certificate's thumbprint.
Connect-AzAccount -ApplicationId $appId -Tenant $tenantId -CertificateThumbprint <thumbprint>
```

When using a service principal instead of a registered application, specify the ServicePrincipal parameter and provide the service principal's Application ID as the value for the ApplicationId parameter.

```powershell
# <thumbprint> is a placeholder for the certificate's thumbprint.
Connect-AzAccount -ServicePrincipal -ApplicationId $servicePrincipalId -Tenant $tenantId -CertificateThumbprint <thumbprint>
```
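
Certificate-based sign-in depends on the thumbprint resolving to a usable certificate in the local store. The following pre-flight check is an added example, not part of the original article: the function name Get-SignInCertificate, the $thumbprint variable and the default store path Cert:\CurrentUser\My are assumptions, and the Cert: drive it reads is available on Windows only.

```powershell
# Added example: validate the certificate before handing its thumbprint to Connect-AzAccount.
function Get-SignInCertificate {
    [CmdletBinding()]
    param(
        [Parameter(Mandatory)][string]$Thumbprint,
        # Assumption: the certificate lives in the current user's personal store.
        [string[]]$StorePath = @('Cert:\CurrentUser\My')
    )

    # Thumbprints copied from a certificate dialog often carry spaces or
    # invisible characters; keep the hex digits only.
    $clean = ($Thumbprint -replace '[^0-9A-Fa-f]', '').ToUpperInvariant()
    if ($clean.Length -ne 40) {
        throw "Expected a 40-character SHA-1 thumbprint, got $($clean.Length) hex characters."
    }

    $cert = $null
    foreach ($path in $StorePath) {
        $cert = Get-ChildItem -Path $path -ErrorAction SilentlyContinue |
            Where-Object { $_.Thumbprint -eq $clean } |
            Select-Object -First 1
        if ($cert) { break }
    }
    if (-not $cert) {
        throw "No certificate with thumbprint $clean found in: $($StorePath -join ', ')"
    }

    # Signing in needs the private key, not just the public certificate.
    if (-not $cert.HasPrivateKey) {
        throw "Certificate $clean has no private key in this store."
    }

    # Reject certificates that are not yet valid or have expired.
    $now = Get-Date
    if ($now -lt $cert.NotBefore -or $now -gt $cert.NotAfter) {
        throw "Certificate $clean is outside its validity window ($($cert.NotBefore) to $($cert.NotAfter))."
    }

    $cert
}

# Usage, with $thumbprint, $servicePrincipalId and $tenantId set by the caller:
# $cert = Get-SignInCertificate -Thumbprint $thumbprint
# Connect-AzAccount -ServicePrincipal -ApplicationId $servicePrincipalId -Tenant $tenantId -CertificateThumbprint $cert.Thumbprint
```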