limited-carpenter-34991
05/28/2020, 12:18 PMancient-megabyte-79588
05/28/2020, 3:52 PMconst adApp = new azuread.Application("aksApplication");
export const adAppId = adApp.applicationId;
const password = "something_you_create";
const adSp = new azuread.ServicePrincipal("aksApplicationSp", { applicationId: adApp.applicationId });
export const adSpId = adSp.id;
const adSpPassword:any = new azuread.ServicePrincipalPassword("aksSpPassword", {
servicePrincipalId: adSpId,
value: password,
endDate: "2099-01-01T00:00:00Z"
});
Is this what you are looking for?limited-carpenter-34991
05/29/2020, 9:53 AM// Create an Azure Resource Group
var resourceGroup = new ResourceGroup("dev");
var config = new Pulumi.Config();
var clientConfig = Output.Create(GetClientConfig.InvokeAsync());
var tenantId = clientConfig.Apply(c => c.TenantId);
//var currentPrincipal = clientConfig.Apply(c => c.ObjectId);
//// Create an Azure Storage Account
var storageAccount = new Account("dev", new AccountArgs
{
ResourceGroupName = resourceGroup.Name,
AccountReplicationType = "LRS",
AccountTier = "Standard"
});
//// Create an Azure Storage Container
var container = new Container("state", new ContainerArgs
{
StorageAccountName = storageAccount.Name,
ContainerAccessType = "private"
});
var blob = new Blob("state-dev", new BlobArgs
{
StorageAccountName = storageAccount.Name,
StorageContainerName = container.Name,
Type = "Block",
Source = new FileAsset("./state/.pulumi/stacks/state-dev.json")
});
var keyVault = new KeyVault("dev", new KeyVaultArgs
{
ResourceGroupName = resourceGroup.Name,
SkuName = "standard",
TenantId = tenantId,
});
var application = new Application("dev");
var servicePrincipal = new ServicePrincipal("dev-sp", new ServicePrincipalArgs
{
ApplicationId = application.ApplicationId,
});
var randomPassowrd = new RandomPassword("principal-key", new RandomPasswordArgs
{
Length = 20,
Special = true,
}).Result;
var servicePrincipalPassword = new ServicePrincipalPassword("principal-key", new ServicePrincipalPasswordArgs
{
ServicePrincipalId = servicePrincipal.Id,
EndDate = "2099-01-01T00:00:00Z",
Value = randomPassowrd,
});
var keyVaultPrincipalSecret = new Secret("principal-key", new SecretArgs
{
KeyVaultId = keyVault.Id,
Value = servicePrincipalPassword.Value,
});
var roleAssignment = new Assignment("role-assignment", new AssignmentArgs
{
PrincipalId = servicePrincipal.Id,
Scope = resourceGroup.Id,
RoleDefinitionName = "Contributor"
});
I used this, but the service principal clientSecret is still empty. What i'm doeing wrong? Can help me to fix this ?better-rainbow-14549
05/29/2020, 12:24 PMlimited-carpenter-34991
05/29/2020, 3:16 PM