happy-journalist-61214
05/10/2024, 10:08 PMhappy-journalist-61214
05/10/2024, 10:09 PMexport CIL_AZURE_SUBSCRIPTION_ID="ABC"
export CIL_AZURE_SP_NAME="devsecops-iac-rbac"
az ad sp create-for-rbac --sdk-auth \
--role Owner \
--scopes="/subscriptions/${CIL_AZURE_SUBSCRIPTION_ID}" -n ${CIL_AZURE_SP_NAME} > "creds.json"
if which jq > /dev/null 2>&1; then
AZURE_CLIENT_ID=$(jq -r ".clientId" < "./creds.json")
else
AZURE_CLIENT_ID=$(cat creds.json | grep clientId | cut -c 16-51)
fi
RW_ALL_APPS=1cda74f2-2616-4834-b122-5cb1b07f8a59
RW_DIR_DATA=78c8a3c8-a07e-4b9e-af1b-b5ccab50a175
AAD_GRAPH_API=00000002-0000-0000-c000-000000000000
az ad app permission add --id "${AZURE_CLIENT_ID}" --api ${AAD_GRAPH_API} --api-permissions ${RW_ALL_APPS}=Role ${RW_DIR_DATA}=Role