Key Vault with ARM and Access policies

0
votes

I have created a Key Vault, an the application should be able to consume this key vault.

This works if a add the application via the portal in the access policies.

However, it seems that the ObjectId actually stored (in the access policies property in resources.azure.com), is not the application id nor the object id of the application I have registered.

Any ideas to obtain that 'ObjectID' for a app registration/service principal so that I can map the object ID in my ARM template?

1
azureazure-keyvault

1 Answers

0
votes

You are assigning rights to the service principal associated with the application, so you have to look for the ID of the service principal, lets say I have the following GUID in KeyVault '6923eb00-38f0-62f6-b5d8-3e53bd8f0053', to look it up use:

Get-AzureRmADServicePrincipal -ObjectId 6923eb00-38f0-62f6-b5d8-3e53bd8f0053

or vice versa, if you know your application, look up its service principal.