In my release pipeline, I'm running an Azure CLI task with a PowerShell script. In the script, I want to grant the current pipeline SP the list secret permission for one Azure Key Vault.
For doing this, I will need the ObjectId for the current pipeline SP. Turns out this is the hardest thing ever. The pipeline settings only allow returning the PrincipalId, then I tried
az ad sp show --id $env:servicePrincipalId --query objectId -o tsv
However, this always returns an empty string. I guess since the pipeline is authed by a token, Azure does not allow it to get info about itself.
Wondering how I can get this magic ObjectId for the current pipeline other than just passing the value in from a pipeline variable.
It was an issue with the "objectId" parameter value. I have tried to replicate the same in Azure Portal. Instead of using objectId, use the id parameter, and it will work.
az ad sp show --id *********** --query id -o tsv
Replicated the same in the portal.
Here are the service principal details:
Step 2:
Run the command with the objectId parameter and the output is empty. When we update it to "id", it works as expected.
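The lookup and the grant from the question combined into one script, as an added example that is not part of the original question or answer. It relies on the fact that Azure CLI releases backed by Microsoft Graph return the property as id where older releases returned objectId, and it fails loudly instead of passing an empty string on. Assumptions: $env:servicePrincipalId is exposed by the task as in the question, and $env:KEY_VAULT_NAME and the function name Get-PipelineSpObjectId are hypothetical.

```powershell
# Added example: resolve the pipeline service principal's object ID, then grant
# it only the "list" secret permission on a single vault.
# Assumptions: $env:servicePrincipalId comes from the Azure CLI task (as in the
# question); $env:KEY_VAULT_NAME is a hypothetical pipeline variable.

function Get-PipelineSpObjectId {
    param([Parameter(Mandatory)][string]$AppId)

    # Graph-backed az releases name the property "id"; older ones used
    # "objectId". The JMESPath "||" returns whichever one is present.
    $raw = az ad sp show --id $AppId --query "id || objectId" -o tsv
    if ($LASTEXITCODE -ne 0) {
        throw "az ad sp show failed for '$AppId' (exit code $LASTEXITCODE)."
    }

    # A query that matches nothing prints an empty line and still exits 0,
    # so check that the result really is a GUID before using it.
    $parsed = [guid]::Empty
    if (-not [guid]::TryParse("$raw".Trim(), [ref]$parsed)) {
        throw "No object ID resolved for '$AppId' (got '$raw')."
    }
    return $parsed.ToString()
}

$objectId = Get-PipelineSpObjectId -AppId $env:servicePrincipalId

# Least privilege: only "list" on secrets, nothing for keys or certificates.
az keyvault set-policy `
    --name $env:KEY_VAULT_NAME `
    --object-id $objectId `
    --secret-permissions list | Out-Null
if ($LASTEXITCODE -ne 0) {
    throw "az keyvault set-policy failed (exit code $LASTEXITCODE)."
}

Write-Host "Granted 'list' on secrets in $env:KEY_VAULT_NAME to $objectId"
```

az keyvault set-policy only affects vaults that use the access policy permission model; a vault configured for Azure RBAC needs a role assignment instead.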