After enabling/deploying a managed identity (service principal) on VMs, one of my junior colleagues asked me where the service principal of a managed identity is stored. Basically, the service principal (MSI) is a user account (service account) and it is created under Azure Active Directory, but after a few checks the question came up again: where can she find the same information under AAD now? For this, I provided the 3 steps below (Azure Portal, PowerShell and Azure CLI).
Part 1: Working With Azure Key Vault Using Azure PowerShell and AzureCLI
Part 2: Create a Virtual machine on Microsoft Azure
Part 3: Use a Azure VM system assigned managed identity to access Azure Key Vault
Azure Portal
On the Microsoft Azure web portal, log in and go to Azure Active Directory. From the navigation pane click Enterprise Application, then under All applications set the Application Type filter to Managed Identities and click Apply. This lists all the identities. In my case I have only one managed identity service principal, and its name is identical to the Azure virtual machine name.
Clicking on the identity opens its Overview | Properties view. There are more options to configure.
PowerShell AZ Module
Generally I use PowerShell a lot and prefer it over the portal, so the cmdlet below helps to retrieve the information of the system-assigned service principal identity. There are other identities, but using a parameter I have filtered the results to see what I can see.
❯ Get-AzADServicePrincipal -DisplayNameBeginsWith VM01
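The display-name prefix filter above can also match other principals whose names start with the same string. As an added example (not from the original post), the function below resolves a VM's managed identities by object ID instead and confirms their type; the function name Get-VmManagedIdentityPrincipal and the resource group name 'rg-demo' are assumptions, and it needs a signed-in Az session.

```powershell
# Added example: resolve the managed identities attached to a VM to their
# service principals in Azure AD by object ID instead of by display name.
# Assumes Az.Compute and Az.Resources (5.0 or later) and a Connect-AzAccount session.
function Get-VmManagedIdentityPrincipal {
    [CmdletBinding()]
    param(
        [Parameter(Mandatory)][string]$ResourceGroupName,
        [Parameter(Mandatory)][string]$VMName
    )

    $vm = Get-AzVM -ResourceGroupName $ResourceGroupName -Name $VMName -ErrorAction Stop
    if (-not $vm.Identity) {
        Write-Warning "VM '$VMName' has no managed identity enabled."
        return
    }

    # Collect principal (object) IDs: one for the system-assigned identity,
    # plus one per user-assigned identity attached to the VM.
    $principals = @()
    if ($vm.Identity.PrincipalId) {
        $principals += [pscustomobject]@{ Kind = 'SystemAssigned'; ObjectId = $vm.Identity.PrincipalId }
    }
    if ($vm.Identity.UserAssignedIdentities) {
        foreach ($entry in $vm.Identity.UserAssignedIdentities.GetEnumerator()) {
            $principals += [pscustomobject]@{ Kind = 'UserAssigned'; ObjectId = $entry.Value.PrincipalId }
        }
    }

    foreach ($p in $principals) {
        # Exact lookup by object ID: no name collisions with other principals.
        $sp = Get-AzADServicePrincipal -ObjectId $p.ObjectId
        if (-not $sp) { Write-Warning "No service principal found for $($p.ObjectId)"; continue }
        [pscustomobject]@{
            VM                   = $VMName
            IdentityKind         = $p.Kind
            DisplayName          = $sp.DisplayName
            ObjectId             = $sp.Id
            AppId                = $sp.AppId
            ServicePrincipalType = $sp.ServicePrincipalType   # 'ManagedIdentity' for an MSI
        }
    }
}

# 'rg-demo' is a placeholder resource group name; VM01 is the VM name used above.
Get-VmManagedIdentityPrincipal -ResourceGroupName 'rg-demo' -VMName 'VM01'
```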
AzureCLI
The Azure CLI command below is an alternative to the PowerShell command to get the information of the service principal.
❯ az ad sp list --display-name <Azure resource name>