new_programmer_22

Reputation: 475

Run Get-AzADApplication from an Azure Runbook using a Managed Identity

Hi, I want to get App registration information for several applications within my tenant (but in different subscriptions) using an Automation Account Runbook. I currently have a System Assigned managed identity on the automation account. Inside my PowerShell workflow runbook I have the following snippet of code:

    try {
        "Logging in to Azure..."
        #Connect-AzAccount
        Connect-AzAccount -Identity
        $token = (Get-AzAccessToken -ResourceTypeName MSGraph).token
        $secreToken = ConvertTo-SecureString -String $token -AsPlainText -Force
        Connect-MgGraph -AccessToken $secreToken
    }
    catch {
        Write-Error -Message $_.Exception
        throw $_.Exception
    }

    $apps = Get-AzADApplication

When I run the runbook I get an "Insufficient privileges to complete the operation." error message. Is there any way to run Get-AzADApplication using a managed identity in this way? If not, is there a better authentication method to use?

Upvotes: 0

Views: 757

Answers (1)

RithwikBojja

Reputation: 11393

First, I tried your code and got a similar error to yours.

Now, go to Azure Active Directory and click on Roles and administrators.

Then search for Directory Readers and click on it.

Then click on Add assignments.

Then select a member.

Then click on Next.

Then I went back to the runbook, and when I ran it the error was resolved.

Upvotes: 1
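
The portal steps in the answer above, scripted with Microsoft Graph PowerShell; this is an added example, not part of the original answer. The Automation Account name is a placeholder, and it assumes the "select a member" step picks the Automation Account's system-assigned managed identity. Run it interactively as an administrator who may assign directory roles, not from the runbook.

```powershell
# Added example (not from the original answer). Requires the Microsoft.Graph modules.
$automationAccountName = 'my-automation-account'   # placeholder (assumption)

Connect-MgGraph -Scopes 'RoleManagement.ReadWrite.Directory', 'Application.Read.All'

# The service principal of a system-assigned identity has the same display name
# as its resource. Display names are not unique, so require exactly one match.
$sp = @(Get-MgServicePrincipal -Filter "displayName eq '$automationAccountName'" |
        Where-Object { $_.ServicePrincipalType -eq 'ManagedIdentity' })
if ($sp.Count -ne 1) {
    throw "Expected one managed identity named '$automationAccountName', found $($sp.Count)."
}
$principalId = $sp[0].Id

# Look up the built-in Directory Readers role by name.
$role = Get-MgRoleManagementDirectoryRoleDefinition -Filter "displayName eq 'Directory Readers'"
if (-not $role) { throw 'Directory Readers role definition not found.' }

# Skip the assignment if the identity already holds the role (idempotent re-runs).
$existing = Get-MgRoleManagementDirectoryRoleAssignment -Filter "principalId eq '$principalId'" |
            Where-Object { $_.RoleDefinitionId -eq $role.Id }

if ($existing) {
    "Managed identity $principalId already has Directory Readers."
}
else {
    # DirectoryScopeId '/' assigns the role tenant-wide, like the portal steps.
    New-MgRoleManagementDirectoryRoleAssignment `
        -PrincipalId      $principalId `
        -RoleDefinitionId $role.Id `
        -DirectoryScopeId '/' | Out-Null
    "Assigned Directory Readers to managed identity $principalId."
}

# List every directory role the identity now holds, to review what it can read.
Get-MgRoleManagementDirectoryRoleAssignment -Filter "principalId eq '$principalId'" |
    Select-Object Id, RoleDefinitionId, DirectoryScopeId
```

Directory Readers grants read access to the whole directory, so keep the final listing in your records of what this Automation Account can see.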
