User Profile
olti88
Copper Contributor
Joined Nov 03, 2021
User Widgets
Recent Discussions
Permission to run Get-AzADApplication within a Runbook
Dear all, i have a project that i want to monitor the expiry date for some service principals in Azure.My company uses only one tenant and this tenant has more than 1000 service prinicpals,my goal is to monitor only some of them,which belong to my department.So i wrote a PS script which lists all service prinicpals and then filters only them that matchs my requiment.I used the cmdlet 'Get-AzADApplication'.My problem is that if i run this cmdlet in cloud PS(in Azure) it works,but if i run it within a Runbook in Azure i get the error: 30 | Get-AzADApplication | ~~~~~~~~~~~~~~~~~~~ | Insufficient privileges to complete the operation. Any idea how to handle it?Some google search have shown that i need "application directory.read.all" permission in AAD but since i am from devops team i dont think i will get this permission from sysadmin team. Below a snippet of script to get an idea what i am doing #List all subscriptions $subID = get-AzSubscription #List all terraform users $applications=@(foreach ($name in $subID.Id) { Get-AzADApplication -DisplayNameStartWith terraform-$name })1.7KViews0likes1Comment
Recent Blog Articles
No content to show