Azure Service Principal creation step by step approach
Step-by-step approach to creating an Azure service principal (SCP)
- Open the Azure portal and sign in with your Azure account.
- Then search for "Microsoft Entra ID" and select "App registrations" from the submenu.
- Click on the "New registration" button to create a new app registration.
- Enter a name for your app registration and select the supported account types. For example, you can choose "Single tenant" if you only want to allow users from your own organization to access the app.
- Click on the "Register" button to create the app registration. Once the app registration is created, click on the "Certificates & secrets" option in the left menu and then select the "New client secret" option.
- Enter a description and expiration date for the client secret, and then click on the "Add" button to create it.
- Make sure to copy the client secret value somewhere safe, as it will only be shown once and cannot be retrieved later.
- Finally, go to the resource group you want the service principal to access. When you are there, click on "Access Control (IAM)" and then click on "Add > Add role assignment".
- Click on the role you want to assign (i.e. Contributor). Then go to member, select assign access to "User, group, or service principal", and then "Select member".
- Type the name of the service principal and then select it. Afterward, click on "Review + assign".
Step 1: Open the Azure portal and sign in with your Azure account.
Then search for "Microsoft Entra ID" and select "App registrations" from the submenu.
Step 2:
Step 3:
Step 4:
Click on Certificates & Secrets in the left-hand menu and then click on New Client Secret.
Step 5: Enter a description, select an expiry, then click on Add.
Make sure to copy the secret value, as it won't be shown again.
Step 6: Select the resource group.
Step 7: Click on IAM -> Click on Add.
Step 8: Click on the role you want to assign (i.e. Contributor).
Step 9: Then go to member, select assign access to "User, group, or service principal", and then "Select member". Type the name of the service principal "learnazurewithsrini" and then select it. Afterward, click on "Review + assign".
We need the following details for Azure + Terraform authentication:
1. subscription_id = ""
2. tenant_id = ""
3. client_id = ""
4. client_secret = ""
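Terraform example:
Step 1: Create a file provider.tf and copy the code below.
Terraform sample code:

    terraform {
      required_providers {
        azurerm = {
          source  = "hashicorp/azurerm"
          version = "~>3.0"
        }
      }
    }

    provider "azurerm" {
      features {}
      # Replace the placeholders with the service principal details collected above.
      # Keep real values out of version control; the azurerm provider also reads
      # ARM_SUBSCRIPTION_ID, ARM_TENANT_ID, ARM_CLIENT_ID and ARM_CLIENT_SECRET.
      subscription_id = "<azure_subscription_id>"
      tenant_id       = "<azure_subscription_tenant_id>"
      client_id       = "<service_principal_appid>"
      client_secret   = "<service_principal_password>"
    }
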
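Step 2: Create a file main.tf and copy the code below.

    # Added so var.resource_group_location resolves; pass the region with -var or a .tfvars file.
    variable "resource_group_location" {
      type = string
    }
    resource "azurerm_resource_group" "az400-training" {
      location = var.resource_group_location
      name     = "az-400-training"
    }
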
Step 3: Create a file output.tf and copy the code below.

    output "resource_group_name" {
      value = azurerm_resource_group.az400-training.name
    }

Step 4: Run the Terraform commands.

    terraform init
    terraform plan
    terraform apply --auto-approve

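A pre-flight check to run before the Terraform commands, as an added example that is not part of the original post. It assumes the four credential arguments are dropped from provider.tf and supplied through the azurerm provider's ARM_* environment variables, and it refuses to continue while a literal client_secret is still present in any .tf file. The function names are hypothetical.

```shell
#!/bin/sh
# Added example (not from the original post). Function names are hypothetical.
# Assumes provider.tf keeps only `features {}` and the credentials come from
# the ARM_* environment variables that the azurerm provider reads.

ARM_REQUIRED="ARM_SUBSCRIPTION_ID ARM_TENANT_ID ARM_CLIENT_ID ARM_CLIENT_SECRET"

# Print the name of every required ARM_* variable that is unset or empty.
missing_arm_vars() {
    for name in $ARM_REQUIRED; do
        eval "value=\${$name:-}"
        [ -n "$value" ] || printf '%s\n' "$name"
    done
}

# Print file:line for each client_secret that is assigned a quoted literal in
# any *.tf file under the given directory. Empty strings, <placeholders>,
# "${...}" interpolations and unquoted references (var.x) are not reported.
# The secret value itself is never printed.
find_hardcoded_secrets() {
    find "${1:-.}" -type f -name '*.tf' -exec awk '
        /^[ \t]*client_secret[ \t]*=[ \t]*"[^"<$]/ { print FILENAME ":" FNR }
    ' {} +
}

# Return 0 only when all four variables are set and no literal secret is found.
preflight() {
    missing=$(missing_arm_vars)
    hits=$(find_hardcoded_secrets "${1:-.}")
    [ -z "$missing" ] || echo "unset variables:" $missing >&2
    [ -z "$hits" ] || echo "hard-coded client_secret at: $hits" >&2
    [ -z "$missing" ] && [ -z "$hits" ]
}

# Usage: preflight . && terraform plan
```

The same check works as a CI step or pre-commit hook, so a provider.tf with a real secret is caught before it reaches the repository.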
Conclusion: We created a service principal in Azure and used the SCP to authenticate to Azure and provision Azure resources.