GetServicePrincipal
Gets information about an existing Service Principal associated with an Application within Azure Active Directory.
NOTE: If you’re authenticating using a Service Principal then it must have permissions to both
Read and write all applicationsandSign in and read user profilewithin theWindows Azure Active DirectoryAPI.
Example Usage (by Application Display Name)
import * as pulumi from "@pulumi/pulumi";
import * as azuread from "@pulumi/azuread";
const example = pulumi.output(azuread.getServicePrincipal({
displayName: "my-awesome-application",
}, { async: true }));import pulumi
import pulumi_azuread as azuread
example = azuread.get_service_principal(display_name="my-awesome-application")using Pulumi;
using AzureAD = Pulumi.AzureAD;
class MyStack : Stack
{
public MyStack()
{
var example = Output.Create(AzureAD.GetServicePrincipal.InvokeAsync(new AzureAD.GetServicePrincipalArgs
{
DisplayName = "my-awesome-application",
}));
}
}
Example Usage (by Application ID)
import * as pulumi from "@pulumi/pulumi";
import * as azuread from "@pulumi/azuread";
const example = pulumi.output(azuread.getServicePrincipal({
applicationId: "00000000-0000-0000-0000-000000000000",
}, { async: true }));import pulumi
import pulumi_azuread as azuread
example = azuread.get_service_principal(application_id="00000000-0000-0000-0000-000000000000")using Pulumi;
using AzureAD = Pulumi.AzureAD;
class MyStack : Stack
{
public MyStack()
{
var example = Output.Create(AzureAD.GetServicePrincipal.InvokeAsync(new AzureAD.GetServicePrincipalArgs
{
ApplicationId = "00000000-0000-0000-0000-000000000000",
}));
}
}
Example Usage (by Object ID)
import * as pulumi from "@pulumi/pulumi";
import * as azuread from "@pulumi/azuread";
const example = pulumi.output(azuread.getServicePrincipal({
objectId: "00000000-0000-0000-0000-000000000000",
}, { async: true }));import pulumi
import pulumi_azuread as azuread
example = azuread.get_service_principal(object_id="00000000-0000-0000-0000-000000000000")using Pulumi;
using AzureAD = Pulumi.AzureAD;
class MyStack : Stack
{
public MyStack()
{
var example = Output.Create(AzureAD.GetServicePrincipal.InvokeAsync(new AzureAD.GetServicePrincipalArgs
{
ObjectId = "00000000-0000-0000-0000-000000000000",
}));
}
}
Using GetServicePrincipal
function getServicePrincipal(args: GetServicePrincipalArgs, opts?: InvokeOptions): Promise<GetServicePrincipalResult>function get_service_principal(application_id=None, display_name=None, oauth2_permissions=None, object_id=None, opts=None)func LookupServicePrincipal(ctx *Context, args *LookupServicePrincipalArgs, opts ...InvokeOption) (*LookupServicePrincipalResult, error)Note: This function is named
LookupServicePrincipalin the Go SDK.
public static class GetServicePrincipal {
public static Task<GetServicePrincipalResult> InvokeAsync(GetServicePrincipalArgs args, InvokeOptions? opts = null)
}The following arguments are supported:
- Application
Id string The ID of the Azure AD Application.
- Display
Name string The Display Name of the Azure AD Application associated with this Service Principal.
- Oauth2Permissions
List<Pulumi.
Azure AD. Inputs. Get Service Principal Oauth2Permission Args> A collection of OAuth 2.0 permissions exposed by the associated application. Each permission is covered by a
oauth2_permissionblock as documented below.- Object
Id string The ID of the Azure AD Service Principal.
- Application
Id string The ID of the Azure AD Application.
- Display
Name string The Display Name of the Azure AD Application associated with this Service Principal.
- Oauth2Permissions
[]Get
Service Principal Oauth2Permission A collection of OAuth 2.0 permissions exposed by the associated application. Each permission is covered by a
oauth2_permissionblock as documented below.- Object
Id string The ID of the Azure AD Service Principal.
- application
Id string The ID of the Azure AD Application.
- display
Name string The Display Name of the Azure AD Application associated with this Service Principal.
- oauth2Permissions
Get
Service Principal Oauth2Permission[] A collection of OAuth 2.0 permissions exposed by the associated application. Each permission is covered by a
oauth2_permissionblock as documented below.- object
Id string The ID of the Azure AD Service Principal.
- application_
id str The ID of the Azure AD Application.
- display_
name str The Display Name of the Azure AD Application associated with this Service Principal.
- oauth2_
permissions List[GetService Principal Oauth2Permission] A collection of OAuth 2.0 permissions exposed by the associated application. Each permission is covered by a
oauth2_permissionblock as documented below.- object_
id str The ID of the Azure AD Service Principal.
GetServicePrincipal Result
The following output properties are available:
- App
Roles List<Pulumi.Azure AD. Outputs. Get Service Principal App Role> - Application
Id string - Display
Name string Display name for the permission that appears in the admin consent and app assignment experiences.
- Id string
The provider-assigned unique ID for this managed resource.
- Oauth2Permissions
List<Pulumi.
Azure AD. Outputs. Get Service Principal Oauth2Permission> - Object
Id string
- App
Roles []GetService Principal App Role - Application
Id string - Display
Name string Display name for the permission that appears in the admin consent and app assignment experiences.
- Id string
The provider-assigned unique ID for this managed resource.
- Oauth2Permissions
[]Get
Service Principal Oauth2Permission - Object
Id string
- app
Roles GetService Principal App Role[] - application
Id string - display
Name string Display name for the permission that appears in the admin consent and app assignment experiences.
- id string
The provider-assigned unique ID for this managed resource.
- oauth2Permissions
Get
Service Principal Oauth2Permission[] - object
Id string
- app_
roles List[GetService Principal App Role] - application_
id str - display_
name str Display name for the permission that appears in the admin consent and app assignment experiences.
- id str
The provider-assigned unique ID for this managed resource.
- oauth2_
permissions List[GetService Principal Oauth2Permission] - object_
id str
Supporting Types
GetServicePrincipalAppRole
See the output API doc for this type.
See the output API doc for this type.
See the output API doc for this type.
- Allowed
Member List<string>Types Specifies whether this app role definition can be assigned to users and groups, or to other applications (that are accessing this application in daemon service scenarios). Possible values are:
UserandApplication, or both.- Description string
Permission help text that appears in the admin app assignment and consent experiences.
- Display
Name string The Display Name of the Azure AD Application associated with this Service Principal.
- Id string
The unique identifier of the
app_role.- Is
Enabled bool Determines if the app role is enabled.
- Value string
Specifies the value of the roles claim that the application should expect in the authentication and access tokens.
- Allowed
Member []stringTypes Specifies whether this app role definition can be assigned to users and groups, or to other applications (that are accessing this application in daemon service scenarios). Possible values are:
UserandApplication, or both.- Description string
Permission help text that appears in the admin app assignment and consent experiences.
- Display
Name string The Display Name of the Azure AD Application associated with this Service Principal.
- Id string
The unique identifier of the
app_role.- Is
Enabled bool Determines if the app role is enabled.
- Value string
Specifies the value of the roles claim that the application should expect in the authentication and access tokens.
- allowed
Member string[]Types Specifies whether this app role definition can be assigned to users and groups, or to other applications (that are accessing this application in daemon service scenarios). Possible values are:
UserandApplication, or both.- description string
Permission help text that appears in the admin app assignment and consent experiences.
- display
Name string The Display Name of the Azure AD Application associated with this Service Principal.
- id string
The unique identifier of the
app_role.- is
Enabled boolean Determines if the app role is enabled.
- value string
Specifies the value of the roles claim that the application should expect in the authentication and access tokens.
- allowed
Member List[str]Types Specifies whether this app role definition can be assigned to users and groups, or to other applications (that are accessing this application in daemon service scenarios). Possible values are:
UserandApplication, or both.- description str
Permission help text that appears in the admin app assignment and consent experiences.
- display_
name str The Display Name of the Azure AD Application associated with this Service Principal.
- id str
The unique identifier of the
app_role.- is
Enabled bool Determines if the app role is enabled.
- value str
Specifies the value of the roles claim that the application should expect in the authentication and access tokens.
GetServicePrincipalOauth2Permission
- Admin
Consent stringDescription The description of the admin consent
- Admin
Consent stringDisplay Name The display name of the admin consent
- Id string
The unique identifier of the
app_role.- Is
Enabled bool Determines if the app role is enabled.
- Type string
The type of the permission
- User
Consent stringDescription The description of the user consent
- User
Consent stringDisplay Name The display name of the user consent
- Value string
Specifies the value of the roles claim that the application should expect in the authentication and access tokens.
- Admin
Consent stringDescription The description of the admin consent
- Admin
Consent stringDisplay Name The display name of the admin consent
- Id string
The unique identifier of the
app_role.- Is
Enabled bool Determines if the app role is enabled.
- Type string
The type of the permission
- User
Consent stringDescription The description of the user consent
- User
Consent stringDisplay Name The display name of the user consent
- Value string
Specifies the value of the roles claim that the application should expect in the authentication and access tokens.
- admin
Consent stringDescription The description of the admin consent
- admin
Consent stringDisplay Name The display name of the admin consent
- id string
The unique identifier of the
app_role.- is
Enabled boolean Determines if the app role is enabled.
- type string
The type of the permission
- user
Consent stringDescription The description of the user consent
- user
Consent stringDisplay Name The display name of the user consent
- value string
Specifies the value of the roles claim that the application should expect in the authentication and access tokens.
- admin
Consent strDescription The description of the admin consent
- admin
Consent strDisplay Name The display name of the admin consent
- id str
The unique identifier of the
app_role.- is
Enabled bool Determines if the app role is enabled.
- type str
The type of the permission
- user
Consent strDescription The description of the user consent
- user
Consent strDisplay Name The display name of the user consent
- value str
Specifies the value of the roles claim that the application should expect in the authentication and access tokens.
Package Details
- Repository
- https://github.com/pulumi/pulumi-azuread
- License
- Apache-2.0
- Notes
- This Pulumi package is based on the
azureadTerraform Provider.