Reputation: 1
How to run azure cli commands with serviceprinciple permissions?
Been looking for a while but couldn't find the answer. I've been using service principle on my azure devops to modify my azure infrastructure via piplines (proper permissions). I need to run some of the commands locally using powershell, for example delete some of my azure roles.
Is there a way to use my service principle's permissions via cli / powershell to achieve what I'm looking for? Cannot do it via Connect-Azure as my user account's role has insufficient permissions. I need to do it with service principle.
Upvotes: 0
Views: 1132
Answers (1)
Reputation: 3824
Yes, you can login to the Azure CLI with a Service Principal.
To sign in with a service principal, you need:
- The URL or name associated with the service principal
- The service principal password, or the X509 certificate used to create the service principal in PEM format
- The tenant associated with the service principal, as either an
.onmicrosoft.comdomain or Azure object ID
az login --service-principal -u <app-id> -p <password-or-cert> --tenant <tenant>
https://learn.microsoft.com/en-us/cli/azure/authenticate-azure-cli#sign-in-with-a-service-principal
Upvotes: 2
Related Questions
- How to give permission to a pipeline to access a resource in Azure DevOps using CLI commands?
- Assigning group permissions using to Azure DevOps CLI
- How to grant a service principal permissions to run Get-AZroleassignments? from azure devops pipeline
- Azure CLI SP creation w/ API permissions
- How can I grant roleAssignement/write permission to azure devops service connection
- Is there any systemic way to find the minimum access right or role required for each of Azure CLI commands?
- Azure cli Azure Devops error: The user '' is not authorized to access this resource
- Running Azure CLI script from release pipeline using Service Principal - invalid_client
- Group Permission for Azure DevOps via CLI
- Azure Service Principle