Create an Azure Arc Service Principal with longer expiration date using PowerShe...
source link: https://www.thomasmaurer.ch/2022/09/create-an-azure-arc-service-principal-with-longer-expiration-date-using-powershell/
Written by Thomas Maurer • September 16, 2022 • 11:43 am • Microsoft Azure, PowerShell
Create an Azure Arc Service Principal with longer expiration date using PowerShell
When you onboard Azure Arc enabled servers or Azure Arc enabled Kubernetes clusters at scale, you want to use service principals for automated authentication during the onboarding process for Azure Arc resources. Microsoft provides you with an option in the Azure portal to create that service principal. When you use this, you can set an expiration date for that service principal, which is great because you don't want it to be available forever, even though you can only onboard machines with it. In this blog post we are going to have a look at how you can create an Azure Arc service principal with a longer expiration date using Azure PowerShell.
New Azure Arc service principal in the Azure portal with max expiration date of 1 month
For some customers, a one-month expiration time for a service principal to onboard Azure Arc enabled servers or Kubernetes clusters might be a little short.
Check expiration date for Azure Arc service principal
To create a service principal to onboard an Azure Arc enabled server or Kubernetes cluster resource, you can use Azure PowerShell with the following commands:
# Set how many days the password will be valid for
$startDate = Get-Date
$endDate = $startDate.AddDays(90)
# Create a new service principal
$arcServiceprincipalName = "tm-arcserveronboarding-pwsh-sp"
New-AzADServicePrincipal -DisplayName $arcServiceprincipalName -Role "Azure Connected Machine Onboarding" -StartDate $startDate -EndDate $endDate
This will create a service principal to onboard servers for 90 days. In my case I used Azure PowerShell running inside Azure CloudShell.
Now if you check the expiration date, you can see it is 90 days.
Check expiration date for Azure Arc service principal created by PowerShell
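The same expiration check can be scripted so that a 90-day secret does not lapse or linger unnoticed. The following is an added example, not code from the original post: the function name `Get-CredentialExpiryStatus`, the 14-day warning threshold and the sample credentials are constructed for illustration, and it assumes the credential objects expose `KeyId`, `StartDateTime` and `EndDateTime` as returned by `Get-AzADSpCredential` in current Az.Resources versions.

```powershell
# Added example: classify service principal secrets by remaining lifetime.
function Get-CredentialExpiryStatus {
    [CmdletBinding()]
    param(
        # Any object exposing KeyId, StartDateTime and EndDateTime (assumed property names)
        [Parameter(Mandatory, ValueFromPipeline)]
        [psobject]$Credential,
        [int]$WarnDays = 14,         # assumption: start rotation two weeks before expiry
        [int]$MaxLifetimeDays = 90,  # the lifetime chosen in this post
        [datetime]$Now = (Get-Date)
    )
    process {
        $remaining = [int][math]::Floor(($Credential.EndDateTime - $Now).TotalDays)
        $lifetime  = [int][math]::Round(($Credential.EndDateTime - $Credential.StartDateTime).TotalDays)

        if     ($remaining -lt 0)               { $status = 'Expired' }
        elseif ($remaining -le $WarnDays)       { $status = 'RotateSoon' }
        elseif ($lifetime -gt $MaxLifetimeDays) { $status = 'LifetimeTooLong' }
        else                                    { $status = 'OK' }

        [pscustomobject]@{
            KeyId         = $Credential.KeyId
            EndDateTime   = $Credential.EndDateTime
            DaysRemaining = $remaining
            LifetimeDays  = $lifetime
            Status        = $status
        }
    }
}

# Constructed sample credentials so the function can be tried without an Azure session.
$now = Get-Date '2022-09-16'
$sample = @(
    [pscustomobject]@{ KeyId = 'constructed-1'; StartDateTime = $now;              EndDateTime = $now.AddDays(90) }
    [pscustomobject]@{ KeyId = 'constructed-2'; StartDateTime = $now.AddDays(-85); EndDateTime = $now.AddDays(5) }
    [pscustomobject]@{ KeyId = 'constructed-3'; StartDateTime = $now.AddDays(-10); EndDateTime = $now.AddDays(355) }
)
$sample | Get-CredentialExpiryStatus -Now $now | Format-Table

# Against the service principal created above (requires a signed-in Az session):
# $sp = Get-AzADServicePrincipal -DisplayName $arcServiceprincipalName
# Get-AzADSpCredential -ObjectId $sp.Id | Get-CredentialExpiryStatus
```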
I hope this blog post was helpful in showing you how you can create an Azure Arc service principal with a longer expiration date using PowerShell. If you want to learn more about onboarding Azure Arc enabled servers at scale, check out the following Microsoft Docs article: Connect hybrid machines to Azure at scale. If you have any questions, feel free to leave a comment below.
Tags: Azure, Azure Arc, Hybrid Cloud, Kubernetes, Microsoft, Microsoft Azure, Onboarding, PowerShell, Server, Service Principal