
Bicep can be used to create a role assignment as follows:

    resource RoleAssignment 'Microsoft.Authorization/roleAssignments@2020-10-01-preview' = {
      name: guid(managementGroup().id, RoleDefinitionId, principalId)
      properties: {
        roleDefinitionId: roleDefinition.id
        principalId: principalId
        principalType: principalType
      }
    }

Where the principal type is ‘ServicePrincipal’, it seems the application id from the Enterprise Application page of the Azure portal is required:


Does anyone know how to acquire this programmatically? If it’s not possible using Bicep then perhaps PowerShell?

2 Answers


  1. To get the Application ID of a service principal via PowerShell, you can use the command below:

    (Get-AzADServicePrincipal -DisplayName AppName).AppId
    

    I tried to reproduce the same in my environment and got the results below:

    I have one service principal named ClientApp and got the Application ID of it successfully as below:

    (Get-AzADServicePrincipal -DisplayName ClientApp).AppId
    

  2. You can use the output of a resource, like:

    resource workflows_la 'Microsoft.Logic/workflows@2017-07-01' = {
      name: 'la-${env_id}-test'
      location: location
      identity: {
        type: 'SystemAssigned'
      }
    }

    // Principal (object) ID of the Logic App's system-assigned identity
    output logicapp_managed_identity string = workflows_la.identity.principalId
    

    So you can use it in the role assignment resource:

    resource roleAssignmentlogicApp 'Microsoft.Authorization/roleAssignments@2020-04-01-preview' = {
      scope: Storage
      name: guid(Storage.id, managed_identity_logic_app, roleDefinitionResourceId)
      properties: {
        roleDefinitionId: roleDefinitionResourceId
        principalId: managed_identity_logic_app
      }
    }
    
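An added example (not from either answer) that wraps the first answer's lookup so it can feed the role assignment: it refuses ambiguous display names and returns the service principal's object ID (`Id`), which is the value `principalId` expects, alongside the `AppId`. The display name, management group ID, location, `main.bicep` and its `principalId`/`principalType` parameters are assumptions.

```powershell
#Requires -Modules Az.Resources
# Added example. 'AppName', 'my-management-group', 'westeurope' and ./main.bicep
# are placeholders; main.bicep is assumed to declare the principalId and
# principalType parameters used by the role assignment in the question.

function Resolve-ServicePrincipal {
    param([Parameter(Mandatory)][string]$DisplayName)

    # Display names are not unique within a tenant, so never pick one silently:
    # granting a role to the wrong principal is a privilege-assignment error.
    $found = @(Get-AzADServicePrincipal -DisplayName $DisplayName)

    if ($found.Count -eq 0) {
        throw "No service principal named '$DisplayName' was found."
    }
    if ($found.Count -gt 1) {
        $ids = ($found | ForEach-Object { $_.AppId }) -join ', '
        throw "Display name '$DisplayName' is ambiguous. Matching AppIds: $ids"
    }

    [pscustomobject]@{
        DisplayName = $found[0].DisplayName
        AppId       = $found[0].AppId   # application (client) ID
        ObjectId    = $found[0].Id      # object ID of the service principal
    }
}

$sp = Resolve-ServicePrincipal -DisplayName 'AppName'
Write-Host "Assigning role to $($sp.DisplayName) (object ID $($sp.ObjectId))"

# Deploy the management-group-scoped template, passing the object ID through
# as the principalId parameter.
New-AzManagementGroupDeployment `
    -ManagementGroupId 'my-management-group' `
    -Location 'westeurope' `
    -TemplateFile './main.bicep' `
    -TemplateParameterObject @{
        principalId   = $sp.ObjectId
        principalType = 'ServicePrincipal'
    }
```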