powershell, service-principal, azure-secrets

How to create a secret in PowerShell for a Service Principal App and store it in the Key Vault


I want to create a secret in PowerShell for an Azure Service Principal App.

I have the following code, but it returns an error:

New-AzADAppCredential: A parameter cannot be found that matches parameter name 'PasswordCredentials'

$appId = "<Service Principal ID>"   # application (client) ID of the app registration
$AADApp = Get-AzADApplication -ApplicationId $appId
$PasswordCredentials = @{
    StartDateTime = Get-Date
    EndDateTime = (Get-Date).AddDays(90)
    DisplayName = ("Secret auto-rotated on: "+(Get-Date).ToUniversalTime().ToString("yyyy'-'MM'-'dd"))
}

$Secret = New-AzADAppCredential -ApplicationObject $AADApp -PasswordCredentials $PasswordCredentials

After creation, I want to take this secret and store it in the Key Vault using Azure PowerShell.


Solution

  • Your code looks good, so I'm not sure what the issue is with that.

    I was able to create a new secret with the following code:

    $applicationId = "<Guid>"   # application (client) ID of the app registration
    $startDate = Get-Date
    $endDate = $startDate.AddDays(180)
    # The returned object carries the new secret in its SecretText property
    $newAppCredential = Get-AzADApplication -ApplicationId $applicationId | New-AzADAppCredential -StartDate $startDate -EndDate $endDate
    

    The response looks like this:

    CustomKeyIdentifier DisplayName EndDateTime         Hint KeyId  SecretText  StartDateTime
    ------------------- ----------- -----------         ---- -----  ----------  ------------
                                    05/04/2023 08:07:24 svt  <guid> <theSecret> 07/10/2022 08:07:24
    

    Do keep in mind that Get-AzADApplication is used for App Registrations.

    I'm not sure how this works for/with service principals (Enterprise Applications), but that's a different command called New-AzADSpCredential.

    Storing the secret in Key Vault is covered in this quickstart in the MS docs: https://learn.microsoft.com/en-us/azure/key-vault/secrets/quick-create-powershell

    # Set-AzKeyVaultSecret takes the value as a SecureString, so convert the plain text first
    $secretvalue = ConvertTo-SecureString "hVFkk965BuUv" -AsPlainText -Force
    $secret = Set-AzKeyVaultSecret -VaultName "<your-unique-keyvault-name>" -Name "ExamplePassword" -SecretValue $secretvalue
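Putting the two halves of the answer together, here is an added example (not code from the question or the answer above) that creates a new client secret on an app registration and writes it straight into Key Vault without ever printing it. It follows the answer's pipeline form of `New-AzADAppCredential` (the `-StartDate`/`-EndDate` parameter set, which the answer shows working) rather than `-PasswordCredentials`; if your module rejects that parameter, check the installed version with `Get-InstalledModule Az.Resources`, since the `-PasswordCredentials` parameter set belongs to the Microsoft Graph based releases of Az.Resources (5.1 and later). The vault name, secret name and application ID are placeholders supplied as parameters; the tag names and the content type string are my own choices. Run `Connect-AzAccount` first with an identity that can add credentials to the app registration and set secrets in the vault.

```powershell
# Added example, not part of the original Q&A. Requires Az.Accounts, Az.Resources and Az.KeyVault.
param(
    [Parameter(Mandatory)] [string] $ApplicationId,   # application (client) ID of the app registration
    [Parameter(Mandatory)] [string] $VaultName,       # target Key Vault name (placeholder, assumed)
    [string] $SecretName = 'sp-client-secret',        # Key Vault secret name (assumed)
    [int]    $ValidDays  = 90                          # credential lifetime in days
)

$ErrorActionPreference = 'Stop'

$app = Get-AzADApplication -ApplicationId $ApplicationId
if (-not $app) { throw "No app registration found for application ID $ApplicationId" }

$start = (Get-Date).ToUniversalTime()
$end   = $start.AddDays($ValidDays)

# SecretText is returned by this call only; it cannot be read back from Azure AD afterwards,
# so the value is handed to Key Vault immediately instead of being echoed or saved to a file.
$cred = $app | New-AzADAppCredential -StartDate $start -EndDate $end

# -NotBefore/-Expires mirror the credential's own validity window so Key Vault's expiry
# notifications line up with when the app secret actually stops working. The tags link the
# vault entry back to the credential's KeyId for later rotation and clean-up (tag names assumed).
$secure = ConvertTo-SecureString -String $cred.SecretText -AsPlainText -Force
$stored = Set-AzKeyVaultSecret -VaultName $VaultName -Name $SecretName -SecretValue $secure `
    -NotBefore $start -Expires $end -ContentType 'AAD client secret' `
    -Tag @{
        appId     = $ApplicationId
        keyId     = "$($cred.KeyId)"
        rotatedOn = $start.ToString('yyyy-MM-dd')
    }

# Drop the plaintext and the SecureString from the session; only the vault reference is returned.
Remove-Variable -Name cred, secure

[pscustomobject]@{
    VaultName = $stored.VaultName
    Name      = $stored.Name
    Version   = $stored.Version
    NotBefore = $stored.NotBefore
    Expires   = $stored.Expires
    KeyId     = $stored.Tags['keyId']
}
```

Usage: save as a script (for example `New-AppSecretToKeyVault.ps1`, a name chosen here) and run `.\New-AppSecretToKeyVault.ps1 -ApplicationId <Guid> -VaultName <your-unique-keyvault-name>`. Because Key Vault versions every `Set-AzKeyVaultSecret` call, re-running the script on a schedule gives you a rotation history: the application reads the latest version, and the tagged `keyId` tells you which Azure AD credential to remove with `Remove-AzADAppCredential` once the old version is no longer referenced.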