I'm trying to login to Azure Subscription using Service Principal from Azure DevOps build Pipeline PowerShell task. The reason I need to log in is, I need to execute a few Log analytics queries from the same PowerShell task, hence it requires authentication to the subscription. Service Principal ID and Key are in Key Vault as secrets. I need to read them as plain text to pass and authenticate with Azure Subscription.
The problem is, I'm not able to read them as plain text or plain string as it comes as an encrypted string value in the Azure DevOps PowerShell task. I can't seem to find ways in order to read them as plain text directly.
I can't use the below command
(Get-AzKeyVaultSecret -VaultName $vaultName -Name $secretName).SecretValueText
because we need to be authenticated already to Azure Subscription to execute the other modules' commands.
Tried the below (i.e) Value for $Encrypted (Service Principal ID) is in KeyVault as plain text When I used the below it said, Input was not in a correct format
$AppId = (ConvertTo-SecureString $Encrypted) $BSTR = [System.Runtime.InteropServices.Marshal]::SecureStringToBSTR($AppId) $AppId = [System.Runtime.InteropServices.Marshal]::PtrToStringAuto($BSTR)
Looking for any other ways to accomplish this task.