Reputation: 5808
How to get AzureAD user principalId in ARM template
I want to set AzureAD admin for Azure SQL database. To do it I need to set both login (email) and principalId.
Instead of passing both email and principalId as ARM template input parameters I want to pass user email only. Then inside a template I want to get user principalId by email. For managed identity it's possible to do it like this:
[reference(resourceId('Microsoft.Web/sites', variables('web-app-name')), '2019-08-01', 'full').identity.principalId]
But I can't find how to do the similar for the user.
Upvotes: 1
Views: 1239
Answers (2)
Reputation: 4458
It’s not pretty, and it’s still in preview, but ARM templates now have support for executing scripts.
Upvotes: 0
Reputation: 58908
You'll probably need to use a script to get the id and then pass it as parameter to the ARM template.
You can use for example the AzureAD PowerShell module: https://learn.microsoft.com/en-us/powershell/module/azuread/?view=azureadps-2.0
Get-AzureADUser -Filter "userPrincipalName eq '[email protected]'"
Upvotes: 1
Related Questions
- ARM Template: Looking up a user object Id
- Can't reference principalId of user assigned identity for key vault in same arm template
- How to reference both System managed identity and user managed identity in ARM templates?
- Get PrincipalId when deploying ARM Template
- How to get client id of user assigned identity in an ARM template?
- How to get Principal Id in app service using Arm template?
- Get Azure active directory user group objectId in ARM template
- Pass Service Principal Client Id and Secret to ARM Template
- How can I get an Azure AD security group name by ObjectID in ARM template?
- ARM template for Azure Active Directory