Deploying ServiceFabric apps using AzureAD Authentication
I want to deploy apps to my service fabric using azure ad & powershell.
I've setup the required azure AD apps, but I don't know how to login to an Azure AD account programtically so it can be deployed from CD tool. It seems like this needs to be an AD user and not service principal. The COnnect-ServiceFabric cmdlet requires some sort of security token when using AzureAD and I don't know how to provide it to avoid the popup.
Here are steps that you could use to get things up and running -
1. You need to create two app registrations in AD - the one to represent the SF cluster and the second one for the client app. You could follow the instructions here to get it done Set up Azure Active Directory for client authentication
As the result, you should have the next output -
"azureActiveDirectory": { "tenantId":"guid", "clusterApplication":"guid", "clientApplication":"guid" }
2. Now you could set up your SF cluster. You could either put the AD artifacts you've got from the previous step into the rm template or specify the fields in the portal. The choice is yours -
3. Find the app registrations created at the first step in AD, and assign to the user you are going to login with some role there.
4. Finally, use this example to login using AD authentication in a non-interactive mode - Connect to a secure cluster non-interactively using Azure Active Directory.
Here is just the same but in Powershell -
$authority = "https://login.microsoftonline.com/your_tenant_id"
$credentials = [Microsoft.IdentityModel.Clients.ActiveDirectory.UserCredential]::new($UserName, $Password)
$authContext = [Microsoft.IdentityModel.Clients.ActiveDirectory.AuthenticationContext]::new($authority)
$authResult = $authContext.AcquireTokenAsync($clusterApplicationId, $clientApplicationId, $credentials)
$Token = $authResult.Result.AccessToken
Connect-ServiceFabricCluster -AzureActiveDirectory -SecurityToken $Token -ConnectionEndpoint "your_cluster_name.location.cloudapp.azure.com:19000" -ServerCertThumbprint "your_server_cert_thumbprint"
That's basically it.
- Powershell hashmap: nested filtering
- How to propagate -Verbose to module functions?
- How do I find out from powershell if I am on a server or workstation?
- Optimizing a PowerShell Script
- How to `Import-Module` in PowerShell to parent session/process?
- `Invoke-Conda` cannot catch any arguments after powershell 7.5.0 update
- close and 'save as' for 100 of MS Paint files at once?
- Powershell profile.ps1 cannot be loaded because its operation is blocked by software restriction policies
- How can I capture the value of an untranslated SID in a Try/Catch code block?
- PowerShell .Count returns 1 on empty array
- How can I filter out text twice in Powershell?
- SharePoint | Delete Version History using PnP PowerShell
- Is it possible to list only files deleted from TFS using tf dir?
- WinRM cannot complete the operation. Verify that the specified computer name is valid
- Using start-process in a loop, where some programs will have arguments and some don't; Way to not have if $Arguments -ne $null
- How can I set left/right column justification in Powershell's "format-table"
- Invalid operands found for operator -eq
- Detect when user cancels $host.ui.promptforchoice prompt
- How can I make sure Powershell will correctly render all non-latin characters into the output?
- How can I choose between $MyInvocation.ScriptName and $MyInvocation.PSCommandPath in PowerShell?
- Azure pipeline template: dynamically retrieve and story keyvault secrets
- Maintaining property order with get-member
- PowerShell - Return an array of all possible properties for an ADObject
- List objects vs. Arrays in PowerShell
- Run Invoke-Command in remote computer as administrator
- Authenticate to Azure with certificate from Linux
- How to recursively append to file name in powershell?
- Mapped network drives are not showing in My Computer
- Delete files in a folder except a list of extensions I specify
- How to open 'This PC' using CMD or Powershell?