Arun Prakash Nagendran

Reputation: 641

How to view if a resource was created by an Azure service principal?

I logged into Azure using az login --service-principal and created a resource group. How to find out the audit trail which says that the resource group was created by a service principal? When I go for "Audit Logs", it mentions that my own user id has created it. How can that be possible? Why is it reporting that I created it, when the truth is that I used the client id and secret to login and create the resource group?

Upvotes: 0

Views: 905

Answers (1)

Allen Wu

Reputation: 16438

Please make sure that you are using the az login --service-principal --username APP_ID --password PASSWORD --tenant TENANT_ID to sign in with the service principal.

After creating the resource group by az group create -l westus -n AllenTestRGroup008, I open Activity log and see that there is only one operation here:


The Event initiated by is the caller of this operation. So in my case, testMultiMSA is the service principal who creates the resource group.

If I click on the log for more details, I can find the caller property in JSON. It is the object id of the service principal.


You can have a check from your side.

Upvotes: 1
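The check described in the answer above can be scripted against exported Activity log JSON. This is an added example, not part of the original post: the sample events are constructed, the function names are hypothetical, and treating a GUID caller as a service principal object id and a caller containing "@" as a user is a heuristic assumption.

```python
import json
import re

GUID = re.compile(r"^[0-9a-f]{8}(-[0-9a-f]{4}){3}-[0-9a-f]{12}$", re.I)
RG_WRITE = "microsoft.resources/subscriptions/resourcegroups/write"

# Constructed sample shaped like the output of `az monitor activity-log list
# --resource-group AllenTestRGroup008 --offset 1d`; every value is made up.
SAMPLE_EVENTS = json.loads("""[
 {"eventTimestamp": "2020-01-01T10:00:05Z", "caller": "11111111-2222-3333-4444-555555555555",
  "operationName": {"value": "Microsoft.Resources/subscriptions/resourceGroups/write"},
  "status": {"value": "Succeeded"}, "resourceGroupName": "AllenTestRGroup008"},
 {"eventTimestamp": "2020-01-01T10:00:01Z", "caller": "11111111-2222-3333-4444-555555555555",
  "operationName": {"value": "Microsoft.Resources/subscriptions/resourceGroups/write"},
  "status": {"value": "Started"}, "resourceGroupName": "AllenTestRGroup008"},
 {"eventTimestamp": "2020-01-02T09:30:00Z", "caller": "someone@example.com",
  "operationName": {"value": "Microsoft.Resources/subscriptions/resourceGroups/write"},
  "status": {"value": "Succeeded"}, "resourceGroupName": "allentestrgroup008"},
 {"eventTimestamp": "2020-01-02T09:31:00Z",
  "operationName": {"value": "Microsoft.Resources/tags/write"},
  "status": {"value": "Succeeded"}, "resourceGroupName": "AllenTestRGroup008"}
]""")


def classify_caller(caller):
    """Heuristic (assumption): a GUID caller is an object id, as in the answer
    above; a caller containing '@' is a user sign-in name."""
    if not caller:
        return "unknown"
    if GUID.match(caller):
        return "service-principal"
    return "user" if "@" in caller else "unknown"


def resource_group_writers(events, group):
    """Return (timestamp, caller, kind) for each successful write to `group`,
    oldest first. Started/Failed events and other operations are skipped."""
    rows = []
    for ev in events:
        op = (ev.get("operationName") or {}).get("value", "")
        status = (ev.get("status") or {}).get("value", "")
        name = ev.get("resourceGroupName") or ""
        if op.lower() != RG_WRITE or status != "Succeeded" or name.lower() != group.lower():
            continue
        caller = ev.get("caller")
        rows.append((ev.get("eventTimestamp", ""), caller, classify_caller(caller)))
    return sorted(rows, key=lambda r: r[0])
```

A GUID returned here can be resolved to a display name with `az ad sp show --id <object-id>`.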
