1
votes

I was running Get-AzureKeyVaultSecret in an Azure Automation runbook, but I am getting the following error. How can I fix this error in an Azure Automation runbook? Where do I log in and where do I supply credentials?

Get-AzureKeyVaultSecret : Unable to retrieve service key for ServicePrincipal account xxxxxxxxxxxxxxxxxxx. Please log in again to supply the credentials for this service principal


1 Answer

0
votes

If you want an Azure Automation account's runbooks to have access to a key vault's secrets, then that Azure Automation Run As account's Application ID (i.e., service principal) needs to be added in the access policies of the respective key vault. And when you add that, make sure to provide 'Get' and 'List' Secret permissions.

To explain it in detail, fetch the Azure Automation Run As account's Application ID by going to Azure portal -> Automation Accounts -> YOURAUTOMATIONACCOUNT -> Run as accounts -> Azure Run As Account -> Copy the Application ID. And then add the access policies in key vault by going to Azure portal -> Key vaults -> YOURKEYVAULT -> Access policies -> Click 'Add new' -> Select principal -> Paste the fetched Application ID in the search box -> Click 'Select' -> Click on the drop down list under 'Secret permissions' -> Tick 'Get' and 'List' -> Click 'OK'.

Now route back to your Azure Automation account and fire your runbook and then you should be able to get the key vault's secret(s) without any issue.

Hope this helps!! Cheers!!
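A scripted version of the access-policy steps in the answer above, together with the runbook-side sign-in the question asks about. This is an added example, not part of the original question or answer. It assumes the AzureRM modules (the family that Get-AzureKeyVaultSecret belongs to) and the default 'AzureRunAsConnection' connection asset; the function names and the YOUR... values are placeholders.

```powershell
# Added example. Function names are hypothetical; YOUR... values are placeholders.
# Assumes the AzureRM modules are imported into the Automation account.

# Admin side, run once from a session already signed in with rights on the vault.
# Scripted equivalent of the portal steps: grants only Get and List on secrets.
function Grant-RunAsSecretRead {
    param(
        [Parameter(Mandatory)] [string] $VaultName,
        [Parameter(Mandatory)] [string] $RunAsApplicationId
    )
    Set-AzureRmKeyVaultAccessPolicy -VaultName $VaultName `
        -ServicePrincipalName $RunAsApplicationId `
        -PermissionsToSecrets get, list
}

# Runbook side: sign in as the Run As service principal, then read the secret.
function Get-SecretAsRunAs {
    param(
        [Parameter(Mandatory)] [string] $VaultName,
        [Parameter(Mandatory)] [string] $SecretName
    )
    # Connection asset created together with the Run As account (assumed default name).
    $conn = Get-AutomationConnection -Name 'AzureRunAsConnection'

    # Certificate-based service principal login; no password is stored in the runbook.
    Add-AzureRmAccount -ServicePrincipal `
        -TenantId $conn.TenantId `
        -ApplicationId $conn.ApplicationId `
        -CertificateThumbprint $conn.CertificateThumbprint | Out-Null
    Select-AzureRmSubscription -SubscriptionId $conn.SubscriptionId | Out-Null

    # Return the SecureString. Do not Write-Output the plain text:
    # runbook job output is stored with the job and visible to anyone who can read it.
    $secret = Get-AzureKeyVaultSecret -VaultName $VaultName -Name $SecretName -ErrorAction Stop
    return $secret.SecretValue
}

# Usage inside the runbook:
# $value = Get-SecretAsRunAs -VaultName 'YOURKEYVAULT' -SecretName 'YOURSECRETNAME'
```

Grant-RunAsSecretRead is run by an administrator outside the runbook; only Get-SecretAsRunAs belongs in the runbook itself.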