Shadi
Shadi

Reputation: 313

Is it possible to create an Azure Service Principal with the Pulumi?

I have a Pulumi Python code that creates some Azure resources. Insted of I user User Account to create resource, I created an Azure Service Principal with Powershell and authenticate with the below method:

pulumi config set azure-native:clientId <clientID>
pulumi config set azure-native:clientSecret <clientSecret> --secret
pulumi config set azure-native:tenantId <tenantID>
pulumi config set azure-native:subscriptionId <subscriptionID>

Now, I want to know Is it possible to create an Azure Service Principal with Pulumi and after that authenticate with Service Principal has been created? Other Question, Is it the true way?

Edit: As these documents Service Principal My code is:

import pulumi
from pulumi.output import Output
import pulumi_azure_native as azure_native
import pulumi_azuread as azuread
    
current = azuread.get_client_config()
example_application = azuread.Application("exampleApplication",
                                          display_name="example",
                                          owners=[current.object_id])
example_service_principal = azuread.ServicePrincipal("exampleServicePrincipal",
                                                     application_id=example_application.application_id,
                                                     app_role_assignment_required=False,
                                                     owners=[current.object_id])

I received this error. Also I install with pip install pulumi-azuread

 ModuleNotFoundError: No module named 'pulumi_azuread'

Upvotes: 0

Views: 528

Answers (1)

Piers Karsenbarg
Piers Karsenbarg

Reputation: 3201

You certainly can, using the Service Principal resource as part of the Azure Active Directory Provider.

You'll need to define an application first, but in typescript it would look something like:

import * as azuread from "@pulumi/azuread";

const application = new azuread.Application(`application`, {
      displayName: `application`,
});

const servicePrincipal = new azuread.ServicePrincipal(`servicePrincipal`, {
      applicationId: application.applicationId,
});

Upvotes: 2

Related Questions