I entered azure powershell using the certificate service principle, for example:
Add-AzureRmAccount -ServicePrincipal -CertificateThumbprint $thumbprint -ApplicationId $applicationid -TenantId $tenant
Then I tried to get the azure secret:
$b = Get-AzureKeyVaultSecret -VaultName $keyVaultName -Name 'AccountKey'
But I get an error message:
"get" is not allowed
It seemed to me that I was reading access, for example:
New-AzureRmRoleAssignment -RoleDefinitionName Reader -ServicePrincipalName $azureAdApplication.ApplicationId.Guid
Any suggestions?
source
share