See my blog post
NOTE: If the principal (application name) already exists then the password will not be updated.
Create only an Azure AD Application/Principal without any role grant:
.\createservicesprincipal.ps1 -subscriptionName "The Subscription Name" -applicationName "TheApplicationName" -password (ConvertTo-SecureString -String "ThePassword" -AsPlainText -Force)
Create an Azure AD Application/Principal and grant the Role on the specified existing Resource Groups (Resource Groups that do not exist are ignored and no error is thrown):
.\createservicesprincipal.ps1 -subscriptionName "The Subscription Name" -applicationName "TheApplicationName" -password (ConvertTo-SecureString -String "ThePassword" -AsPlainText -Force) -resourceGroupNames "ResourceGroupName1","ResourceGroupName2","etc"
Create an Azure AD Application/Principal and the specified Resource Groups at the provided location, and grant the Role on the Resource Groups:
.\createservicesprincipal.ps1 -subscriptionName "The Subscription Name" -applicationName "TheApplicationName" -password (ConvertTo-SecureString -String "ThePassword" -AsPlainText -Force) -resourceGroupNames "ResourceGroupName1","ResourceGroupName2","etc" -createResourceGroups -location "West Europe"
Create an Azure AD Application/Principal and the specified Resource Groups at the provided location, and grant the Role on the Resource Groups. Also grant the AD groups access to the Resource Groups:
.\createservicesprincipal.ps1 -subscriptionName "The Subscription Name" -applicationName "TheApplicationName" -password (ConvertTo-SecureString -String "ThePassword" -AsPlainText -Force) -resourceGroupNames "ResourceGroupName1","ResourceGroupName2","etc" -adGroupNames "AdGroupName1", "AdGroupName2", "etc" -createResourceGroups -location "West Europe"
Create an Azure AD Application/Principal and grant the Role at subscription level:
.\createservicesprincipal.ps1 -subscriptionName "The Subscription Name" -applicationName "TheApplicationName" -password (ConvertTo-SecureString -String "ThePassword" -AsPlainText -Force) -grantRoleOnSubscriptionLevel
The default value for the password expiration is 1/1/2099 1:00 AM. You can provide another value like this (in the following example I'm using the CreateVSTSPrincipalOnly parameter set, but you can use it with all the calls):
.\createservicesprincipal.ps1 -subscriptionName "The Subscription Name" -applicationName "TheApplicationName" -password (ConvertTo-SecureString -String "ThePassword" -AsPlainText -Force) -passwordExpirationDateTime (Get-Date "1/1/2020 1:00 AM")
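The calls above put the password on the command line as a literal and, unless overridden, leave it valid until 2099. The following is an added example, not part of the script or written by its author: it builds a random secret directly into a SecureString, scopes the grant to resource groups, and sets a short expiration. The 90-day lifetime, the 40-character length, the alphabet, and all names are assumptions.

```powershell
# Added example. Placeholder names, same as in the calls above.
$subscriptionName   = "The Subscription Name"
$applicationName    = "TheApplicationName"
$resourceGroupNames = "ResourceGroupName1","ResourceGroupName2"

# Draw 40 random bytes from the OS cryptographic RNG.
$rng   = [System.Security.Cryptography.RandomNumberGenerator]::Create()
$bytes = New-Object byte[] 40
$rng.GetBytes($bytes)
$rng.Dispose()

# Map each byte onto a 64-character alphabet. 256 is a multiple of 64,
# so the modulo does not bias the result.
$alphabet = 'ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789-_'

# Append straight into a SecureString so the clear text never appears as a
# literal on the command line, in the console history, or in a transcript.
$password = New-Object System.Security.SecureString
foreach ($b in $bytes) {
    $password.AppendChar($alphabet[$b % $alphabet.Length])
}
$password.MakeReadOnly()
[Array]::Clear($bytes, 0, $bytes.Length)   # wipe the intermediate buffer

# Assumed rotation period: 90 days instead of the 1/1/2099 default.
$expires = (Get-Date).AddDays(90)

# Grant on specific resource groups rather than at subscription level.
.\createservicesprincipal.ps1 -subscriptionName $subscriptionName `
    -applicationName $applicationName `
    -password $password `
    -resourceGroupNames $resourceGroupNames `
    -passwordExpirationDateTime $expires

# $password still holds the secret for the rest of the session; pass it to
# whatever stores the credential for the consuming service, then dispose it.
```

Because the script does not update the password of a principal that already exists, rotating the secret with this approach means using a new application name or removing the old principal first.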