When I create a service principal it also creates an App in Active Directory.
az ad sp create-for-rbac --role="Contributor" --scopes="/subscriptions/123456a1-a1b2-1234-12ab-12a3b4cdef67"
If I go to the Azure Portal – Active Directory – App registrations it shows all the applications registered.
I have managed to find the service principal I use for terraform by matching the terraform
client_id with the Azure “Application (client) ID”. It also had a human readable display name (although not the best since I still had to look via client id!)
However, there are several others where the display name is just “project_subscription”.
They look like they must have been generated automatically when setting up a pipeline registering a web app in the portal or something.
I can’t tell if they are actually used or if they were just created for experimenting and are then left over.
How do I know what they are for and if they are still used or not?
Is it possible to search Azure for the id or anything?
Is it possible to add a description to these to identify what they are used for beyond just the display name?
e.g. I only identified the terraform one by matching up the id with my code
Read more here: Source link