DEVHIDE
Login Or Sign up

How to create secret in Power Shell for Service Principal App and store it in the KeyVault

665 Views Asked by At

I want to create a secret in PowerShell for an Azure Service Principal App.

I have the following code but returns an error:

New-AzADAppCredential: A parameter cannot be found that matches parameter name 'PasswordCredentials'

$appId = "<Service Principal  ID>" 
$AADApp = Get-AzADApplication -ApplicationId $appId
$PasswordCedentials = @{
    StartDateTime = Get-Date
    EndDateTime = (Get-Date).AddDays(90)
    DisplayName = ("Secret auto-rotated on: "+(Get-Date).ToUniversalTime().ToString("yyyy'-'MM'-'dd"))
}
    
$Secret = New-AzADAppCredential -ApplicationObject $AADApp -PasswordCredentials $PasswordCedentials

After creation, I want to use this secret and store it into the Key Vault using Azure PowerShell

powershell service-principal azure-secrets
Original Q&A
1

There are 1 best solutions below

0
Jan_V On BEST ANSWER

Your code looks good, so not sure what the issue is with that.

I was able to create a new secret with the following code:

$applicationId = "<Guid>"
$startDate = Get-Date
$endDate = $startDate.AddDays(180)
$newAppCredential = Get-AzADApplication -ApplicationId $applicationId | New-AzADAppCredential -StartDate $startDate -EndDate $endDate

The response looks like this:

CustomKeyIdentifier DisplayName EndDateTime         Hint KeyId  SecretText  StartDateTime
------------------- ----------- -----------         ---- -----  ----------  ------------
                                05/04/2023 08:07:24 svt  <guid> <theSecret> 07/10/2022 08:07:24

Do keep in mind, the Get-AzADApplication is used for App Registrations.

I'm not sure how this works for/with service principals (Enterprise Applications), but that's a different command called New-AzADSpCredential .

Storing the secret in Key Vault is mentioned in this quickstart on the MS docs https://learn.microsoft.com/en-us/azure/key-vault/secrets/quick-create-powershell

$secretvalue = ConvertTo-SecureString "hVFkk965BuUv" -AsPlainText -Force
$secret = Set-AzKeyVaultSecret -VaultName "<your-unique-keyvault-name>" -Name "ExamplePassword" -SecretValue $secretvalue

Related Questions in POWERSHELL

Related Questions in SERVICE-PRINCIPAL

Related Questions in AZURE-SECRETS

Trending Questions

Popular # Hahtags

javascript python java c# php android html jquery c++ css ios sql mysql r reactjs

Popular Questions

.

Copyright © 2021 Jogjafile Inc.