Shawn Weisfeld

I find when I talk to myself nobody listens. - Shawn Weisfeld
posts - 365, comments - 174, trackbacks - 34

My Links

News


Shawn Weisfeld's Facebook profile

The views expressed in this blog are mine and mine alone, not that of my employer, Microsoft, or anyone else’s. No warrantee is given for the quality of any material on this site.

Archives

Post Categories

Tuesday, May 24, 2016

Authenticating a service principal with Azure Resource Manager – via a password file

The Azure documentation has a great article on Authenticating a service principal with Azure Resource Manager. It does a good job of outlining the steps needed to automating POSH login via PowerShell.

https://azure.microsoft.com/en-us/documentation/articles/resource-group-authenticate-service-principal/#provide-credentials-through-automated-powershell-script

However, it assumes that you can store the password in an Azure KeyVault. In some scenarios this is not ideal. In my case I wanted to store my password securely in a file on the file system. We will leverage the .NET Secure String to create the password. This means that only user that created the file can decrypt and use it, so when saving this value, use the same account that the script or service will use.

http://social.technet.microsoft.com/wiki/contents/articles/4546.working-with-passwords-secure-strings-and-credentials-in-windows-powershell.aspx

The secure file will look something like this:

Here is the one-time setup

Now I can use the file that I create when I need to login, and no longer to I have to type in my password!

posted @ Tuesday, May 24, 2016 11:31 AM | Feedback (1) |

Powered by: