Permission to run Get-AzADApplication within a Runbook

Copper Contributor

Dear all,


i have a project that i want to monitor the expiry date for some service principals in Azure.My company uses only one tenant and this tenant has more than 1000 service prinicpals,my goal is to monitor only some of them,which belong to my department.So i wrote a PS script which lists all service prinicpals and then filters only them that matchs my requiment.I used the cmdlet 'Get-AzADApplication'.My problem is that if i run this cmdlet in cloud PS(in Azure) it works,but if i run it within a Runbook in Azure i get the error:

 30 |  Get-AzADApplication
     |  ~~~~~~~~~~~~~~~~~~~
     | Insufficient privileges to complete the operation.


Any idea how to handle it?Some google search have shown that i need "application" permission in AAD but since i am from devops team i dont think i will get this permission from sysadmin team.


Below a snippet of script to get an idea what i am doing

#List all subscriptions
$subID = get-AzSubscription

#List all terraform users
$applications=@(foreach ($name in $subID.Id)
   Get-AzADApplication -DisplayNameStartWith  terraform-$name


1 Reply
Not entirely sure of the answer to your original question, especially when you may not be able to get the actual rights you need.

here are some options:

Power Automate:

PowerShell runbook with SendGrid email: