List current Subscription information

We will need the SubscriptionId from the subscription we will add the new ServicePrincipal to.

az account list -o table

or just get the ID

az account list \
--query [].id -o tsv

Set the SubscriptionId variable

Please set your SubscriptionId that you got from az account list -o table dommand.


Set the Service Principal password variable


Set the Service Principal name variable


Create Service Principal

RBAC stands for role based access control

az ad sp create-for-rbac \
--name=$SP_NAME \
--password=$SP_PASSWORD \
--role="Contributor" \

Create the Service Principal with a level access to a Resource Group only

Set Resource Group variable


Create the Service Principal

az ad sp create-for-rbac \
--name=$SP_NAME \
--password=$SP_PASSWORD \
--role="Contributor" \

Remember the password

Authenticate as the Service Principal

Getting info authentication info from the Service Principal

We need to get fields below to authenticate our app.

  • appId
  • password
  • tenant

Set the variables required for login


Login as the Service Principal

az login \
--service-principal \
-u $APP_ID \
--tenant $TENANT_ID

Check the account type

After you login as Service Principal, the type should be servicePrincipal.

az account list