In this blog post we are going to learn how to:

Create Service Prinsipal manually

Login to your Azure portal. How to create an Azure account, read my blog here.

Go to Azure Active Directory

Azure Active Directory

Choose App Registrations

App registrations

Click on + New registration

Provide the Name

Register an application

Click Register.

My app

Here Application (client) ID is your Service principal client ID.

Directory (tenant) ID is your tenant id.

Click on Certificates & secrets.

Click on + New client secret

Provide description and choose when the client secret should expire.

Click on Add.

The value here is your client secret or Service Principal Key.

Take good care of this value because you cannot see this value later.

Now we have to add Contributor role

Search for your subscription name in Azure Portal

Subscription

Click on it and go to Access control (IAM)

Access control (IAM)

Click on Add

Choose Add role assignment

Choose Contributor Role and Select My app we just created. Then click on Save.

That's it, we just created a service principle. These values you have to take good care of is

subscription id: guid
tenant id: guid  
Service Principal Id (client id): guid
Service principal key (client secret): guid

Create Service Prinsipal using CLI

When you have created Service Principal manually a couple of times you are ready to use command line.

Install azure cli from here.

Run following command

az login

Login to your azure account and find your subscription id.

az account set --subscription subscriptionId

Now we can create a Service Principal

az ad sp create-for-rbac --name DemoServicePrincipal

You get something like this back

{                                                    
  "appId": "guid",   
  "displayName": "DemoServicePrincipal",                          
  "name": "http://DemoServicePrincipal",                          
  "password": "guid",
  "tenant": "guid"   
}          

Now we assign Contributor role to our Service Principal

az role assignment create --assignee yourAppId --role Contributor

Take good care of these variables

subscription id: guid
tenant id: tenant
Service Principal Id (client id): appId
Service principal key (client secret): password

Don't forget to subscribe to get latest news from Sergey .NET directly to your mail.


Install the Azure CLI