azuread.getServicePrincipals
Explore with Pulumi AI
Gets basic information for multiple Azure Active Directory service principals.
API Permissions
The following API permissions are required in order to use this data source.
When authenticated with a service principal, this data source requires one of the following application roles: Application.Read.All
or Directory.Read.All
When authenticated with a user principal, this data source does not require any additional roles.
Example Usage
Look up by application display names
import * as pulumi from "@pulumi/pulumi";
import * as azuread from "@pulumi/azuread";
const example = azuread.getServicePrincipals({
displayNames: [
"example-app",
"another-app",
],
});
import pulumi
import pulumi_azuread as azuread
example = azuread.get_service_principals(display_names=[
"example-app",
"another-app",
])
package main
import (
"github.com/pulumi/pulumi-azuread/sdk/v6/go/azuread"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
_, err := azuread.GetServicePrincipals(ctx, &azuread.GetServicePrincipalsArgs{
DisplayNames: []string{
"example-app",
"another-app",
},
}, nil)
if err != nil {
return err
}
return nil
})
}
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using AzureAD = Pulumi.AzureAD;
return await Deployment.RunAsync(() =>
{
var example = AzureAD.GetServicePrincipals.Invoke(new()
{
DisplayNames = new[]
{
"example-app",
"another-app",
},
});
});
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.azuread.AzureadFunctions;
import com.pulumi.azuread.inputs.GetServicePrincipalsArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
final var example = AzureadFunctions.getServicePrincipals(GetServicePrincipalsArgs.builder()
.displayNames(
"example-app",
"another-app")
.build());
}
}
variables:
example:
fn::invoke:
Function: azuread:getServicePrincipals
Arguments:
displayNames:
- example-app
- another-app
Look up by application IDs (client IDs)
import * as pulumi from "@pulumi/pulumi";
import * as azuread from "@pulumi/azuread";
const example = azuread.getServicePrincipals({
clientIds: [
"11111111-0000-0000-0000-000000000000",
"22222222-0000-0000-0000-000000000000",
"33333333-0000-0000-0000-000000000000",
],
});
import pulumi
import pulumi_azuread as azuread
example = azuread.get_service_principals(client_ids=[
"11111111-0000-0000-0000-000000000000",
"22222222-0000-0000-0000-000000000000",
"33333333-0000-0000-0000-000000000000",
])
package main
import (
"github.com/pulumi/pulumi-azuread/sdk/v6/go/azuread"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
_, err := azuread.GetServicePrincipals(ctx, &azuread.GetServicePrincipalsArgs{
ClientIds: []string{
"11111111-0000-0000-0000-000000000000",
"22222222-0000-0000-0000-000000000000",
"33333333-0000-0000-0000-000000000000",
},
}, nil)
if err != nil {
return err
}
return nil
})
}
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using AzureAD = Pulumi.AzureAD;
return await Deployment.RunAsync(() =>
{
var example = AzureAD.GetServicePrincipals.Invoke(new()
{
ClientIds = new[]
{
"11111111-0000-0000-0000-000000000000",
"22222222-0000-0000-0000-000000000000",
"33333333-0000-0000-0000-000000000000",
},
});
});
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.azuread.AzureadFunctions;
import com.pulumi.azuread.inputs.GetServicePrincipalsArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
final var example = AzureadFunctions.getServicePrincipals(GetServicePrincipalsArgs.builder()
.clientIds(
"11111111-0000-0000-0000-000000000000",
"22222222-0000-0000-0000-000000000000",
"33333333-0000-0000-0000-000000000000")
.build());
}
}
variables:
example:
fn::invoke:
Function: azuread:getServicePrincipals
Arguments:
clientIds:
- 11111111-0000-0000-0000-000000000000
- 22222222-0000-0000-0000-000000000000
- 33333333-0000-0000-0000-000000000000
Look up by service principal object IDs
import * as pulumi from "@pulumi/pulumi";
import * as azuread from "@pulumi/azuread";
const example = azuread.getServicePrincipals({
objectIds: [
"00000000-0000-0000-0000-000000000000",
"00000000-0000-0000-0000-111111111111",
"00000000-0000-0000-0000-222222222222",
],
});
import pulumi
import pulumi_azuread as azuread
example = azuread.get_service_principals(object_ids=[
"00000000-0000-0000-0000-000000000000",
"00000000-0000-0000-0000-111111111111",
"00000000-0000-0000-0000-222222222222",
])
package main
import (
"github.com/pulumi/pulumi-azuread/sdk/v6/go/azuread"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
_, err := azuread.GetServicePrincipals(ctx, &azuread.GetServicePrincipalsArgs{
ObjectIds: []string{
"00000000-0000-0000-0000-000000000000",
"00000000-0000-0000-0000-111111111111",
"00000000-0000-0000-0000-222222222222",
},
}, nil)
if err != nil {
return err
}
return nil
})
}
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using AzureAD = Pulumi.AzureAD;
return await Deployment.RunAsync(() =>
{
var example = AzureAD.GetServicePrincipals.Invoke(new()
{
ObjectIds = new[]
{
"00000000-0000-0000-0000-000000000000",
"00000000-0000-0000-0000-111111111111",
"00000000-0000-0000-0000-222222222222",
},
});
});
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.azuread.AzureadFunctions;
import com.pulumi.azuread.inputs.GetServicePrincipalsArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
final var example = AzureadFunctions.getServicePrincipals(GetServicePrincipalsArgs.builder()
.objectIds(
"00000000-0000-0000-0000-000000000000",
"00000000-0000-0000-0000-111111111111",
"00000000-0000-0000-0000-222222222222")
.build());
}
}
variables:
example:
fn::invoke:
Function: azuread:getServicePrincipals
Arguments:
objectIds:
- 00000000-0000-0000-0000-000000000000
- 00000000-0000-0000-0000-111111111111
- 00000000-0000-0000-0000-222222222222
Using getServicePrincipals
Two invocation forms are available. The direct form accepts plain arguments and either blocks until the result value is available, or returns a Promise-wrapped result. The output form accepts Input-wrapped arguments and returns an Output-wrapped result.
function getServicePrincipals(args: GetServicePrincipalsArgs, opts?: InvokeOptions): Promise<GetServicePrincipalsResult>
function getServicePrincipalsOutput(args: GetServicePrincipalsOutputArgs, opts?: InvokeOptions): Output<GetServicePrincipalsResult>
def get_service_principals(client_ids: Optional[Sequence[str]] = None,
display_names: Optional[Sequence[str]] = None,
ignore_missing: Optional[bool] = None,
object_ids: Optional[Sequence[str]] = None,
return_all: Optional[bool] = None,
opts: Optional[InvokeOptions] = None) -> GetServicePrincipalsResult
def get_service_principals_output(client_ids: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
display_names: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
ignore_missing: Optional[pulumi.Input[bool]] = None,
object_ids: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
return_all: Optional[pulumi.Input[bool]] = None,
opts: Optional[InvokeOptions] = None) -> Output[GetServicePrincipalsResult]
func GetServicePrincipals(ctx *Context, args *GetServicePrincipalsArgs, opts ...InvokeOption) (*GetServicePrincipalsResult, error)
func GetServicePrincipalsOutput(ctx *Context, args *GetServicePrincipalsOutputArgs, opts ...InvokeOption) GetServicePrincipalsResultOutput
> Note: This function is named GetServicePrincipals
in the Go SDK.
public static class GetServicePrincipals
{
public static Task<GetServicePrincipalsResult> InvokeAsync(GetServicePrincipalsArgs args, InvokeOptions? opts = null)
public static Output<GetServicePrincipalsResult> Invoke(GetServicePrincipalsInvokeArgs args, InvokeOptions? opts = null)
}
public static CompletableFuture<GetServicePrincipalsResult> getServicePrincipals(GetServicePrincipalsArgs args, InvokeOptions options)
// Output-based functions aren't available in Java yet
fn::invoke:
function: azuread:index/getServicePrincipals:getServicePrincipals
arguments:
# arguments dictionary
The following arguments are supported:
- Client
Ids List<string> - A list of client IDs of the applications associated with the service principals.
- Display
Names List<string> - A list of display names of the applications associated with the service principals.
- Ignore
Missing bool - Ignore missing service principals and return all service principals that are found. The data source will still fail if no service principals are found. Defaults to false.
- Object
Ids List<string> - The object IDs of the service principals.
- Return
All bool When
true
, the data source will return all service principals. Cannot be used withignore_missing
. Defaults to false.Either
return_all
, or one ofclient_ids
,display_names
orobject_ids
must be specified. These may be specified as an empty list, in which case no results will be returned.
- Client
Ids []string - A list of client IDs of the applications associated with the service principals.
- Display
Names []string - A list of display names of the applications associated with the service principals.
- Ignore
Missing bool - Ignore missing service principals and return all service principals that are found. The data source will still fail if no service principals are found. Defaults to false.
- Object
Ids []string - The object IDs of the service principals.
- Return
All bool When
true
, the data source will return all service principals. Cannot be used withignore_missing
. Defaults to false.Either
return_all
, or one ofclient_ids
,display_names
orobject_ids
must be specified. These may be specified as an empty list, in which case no results will be returned.
- client
Ids List<String> - A list of client IDs of the applications associated with the service principals.
- display
Names List<String> - A list of display names of the applications associated with the service principals.
- ignore
Missing Boolean - Ignore missing service principals and return all service principals that are found. The data source will still fail if no service principals are found. Defaults to false.
- object
Ids List<String> - The object IDs of the service principals.
- return
All Boolean When
true
, the data source will return all service principals. Cannot be used withignore_missing
. Defaults to false.Either
return_all
, or one ofclient_ids
,display_names
orobject_ids
must be specified. These may be specified as an empty list, in which case no results will be returned.
- client
Ids string[] - A list of client IDs of the applications associated with the service principals.
- display
Names string[] - A list of display names of the applications associated with the service principals.
- ignore
Missing boolean - Ignore missing service principals and return all service principals that are found. The data source will still fail if no service principals are found. Defaults to false.
- object
Ids string[] - The object IDs of the service principals.
- return
All boolean When
true
, the data source will return all service principals. Cannot be used withignore_missing
. Defaults to false.Either
return_all
, or one ofclient_ids
,display_names
orobject_ids
must be specified. These may be specified as an empty list, in which case no results will be returned.
- client_
ids Sequence[str] - A list of client IDs of the applications associated with the service principals.
- display_
names Sequence[str] - A list of display names of the applications associated with the service principals.
- ignore_
missing bool - Ignore missing service principals and return all service principals that are found. The data source will still fail if no service principals are found. Defaults to false.
- object_
ids Sequence[str] - The object IDs of the service principals.
- return_
all bool When
true
, the data source will return all service principals. Cannot be used withignore_missing
. Defaults to false.Either
return_all
, or one ofclient_ids
,display_names
orobject_ids
must be specified. These may be specified as an empty list, in which case no results will be returned.
- client
Ids List<String> - A list of client IDs of the applications associated with the service principals.
- display
Names List<String> - A list of display names of the applications associated with the service principals.
- ignore
Missing Boolean - Ignore missing service principals and return all service principals that are found. The data source will still fail if no service principals are found. Defaults to false.
- object
Ids List<String> - The object IDs of the service principals.
- return
All Boolean When
true
, the data source will return all service principals. Cannot be used withignore_missing
. Defaults to false.Either
return_all
, or one ofclient_ids
,display_names
orobject_ids
must be specified. These may be specified as an empty list, in which case no results will be returned.
getServicePrincipals Result
The following output properties are available:
- Client
Ids List<string> - The client ID of the application associated with this service principal.
- Display
Names List<string> - A list of display names of the applications associated with the service principals.
- Id string
- The provider-assigned unique ID for this managed resource.
- Object
Ids List<string> - The object IDs of the service principals.
- Service
Principals List<Pulumi.Azure AD. Outputs. Get Service Principals Service Principal> - A list of service principals. Each
service_principal
object provides the attributes documented below. - Ignore
Missing bool - Return
All bool
- Client
Ids []string - The client ID of the application associated with this service principal.
- Display
Names []string - A list of display names of the applications associated with the service principals.
- Id string
- The provider-assigned unique ID for this managed resource.
- Object
Ids []string - The object IDs of the service principals.
- Service
Principals []GetService Principals Service Principal - A list of service principals. Each
service_principal
object provides the attributes documented below. - Ignore
Missing bool - Return
All bool
- client
Ids List<String> - The client ID of the application associated with this service principal.
- display
Names List<String> - A list of display names of the applications associated with the service principals.
- id String
- The provider-assigned unique ID for this managed resource.
- object
Ids List<String> - The object IDs of the service principals.
- service
Principals List<GetService Principals Service Principal> - A list of service principals. Each
service_principal
object provides the attributes documented below. - ignore
Missing Boolean - return
All Boolean
- client
Ids string[] - The client ID of the application associated with this service principal.
- display
Names string[] - A list of display names of the applications associated with the service principals.
- id string
- The provider-assigned unique ID for this managed resource.
- object
Ids string[] - The object IDs of the service principals.
- service
Principals GetService Principals Service Principal[] - A list of service principals. Each
service_principal
object provides the attributes documented below. - ignore
Missing boolean - return
All boolean
- client_
ids Sequence[str] - The client ID of the application associated with this service principal.
- display_
names Sequence[str] - A list of display names of the applications associated with the service principals.
- id str
- The provider-assigned unique ID for this managed resource.
- object_
ids Sequence[str] - The object IDs of the service principals.
- service_
principals Sequence[GetService Principals Service Principal] - A list of service principals. Each
service_principal
object provides the attributes documented below. - ignore_
missing bool - return_
all bool
- client
Ids List<String> - The client ID of the application associated with this service principal.
- display
Names List<String> - A list of display names of the applications associated with the service principals.
- id String
- The provider-assigned unique ID for this managed resource.
- object
Ids List<String> - The object IDs of the service principals.
- service
Principals List<Property Map> - A list of service principals. Each
service_principal
object provides the attributes documented below. - ignore
Missing Boolean - return
All Boolean
Supporting Types
GetServicePrincipalsServicePrincipal
- Account
Enabled bool - Whether the service principal account is enabled.
- App
Role boolAssignment Required - Whether this service principal requires an app role assignment to a user or group before Azure AD will issue a user or access token to the application.
- Application
Tenant stringId - The tenant ID where the associated application is registered.
- Client
Id string - The application ID (client ID) for the associated application
- Display
Name string - The display name of the application associated with this service principal.
- Object
Id string - The object ID of the service principal.
- Preferred
Single stringSign On Mode - The single sign-on mode configured for this application. Azure AD uses the preferred single sign-on mode to launch the application from Microsoft 365 or the Azure AD My Apps.
- Saml
Metadata stringUrl - The URL where the service exposes SAML metadata for federation.
- Service
Principal List<string>Names - A list of identifier URI(s), copied over from the associated application.
- Sign
In stringAudience - The Microsoft account types that are supported for the associated application. Possible values include
AzureADMyOrg
,AzureADMultipleOrgs
,AzureADandPersonalMicrosoftAccount
orPersonalMicrosoftAccount
. - List<string>
- A list of tags applied to the service principal.
- Type string
- Identifies whether the service principal represents an application or a managed identity. Possible values include
Application
orManagedIdentity
.
- Account
Enabled bool - Whether the service principal account is enabled.
- App
Role boolAssignment Required - Whether this service principal requires an app role assignment to a user or group before Azure AD will issue a user or access token to the application.
- Application
Tenant stringId - The tenant ID where the associated application is registered.
- Client
Id string - The application ID (client ID) for the associated application
- Display
Name string - The display name of the application associated with this service principal.
- Object
Id string - The object ID of the service principal.
- Preferred
Single stringSign On Mode - The single sign-on mode configured for this application. Azure AD uses the preferred single sign-on mode to launch the application from Microsoft 365 or the Azure AD My Apps.
- Saml
Metadata stringUrl - The URL where the service exposes SAML metadata for federation.
- Service
Principal []stringNames - A list of identifier URI(s), copied over from the associated application.
- Sign
In stringAudience - The Microsoft account types that are supported for the associated application. Possible values include
AzureADMyOrg
,AzureADMultipleOrgs
,AzureADandPersonalMicrosoftAccount
orPersonalMicrosoftAccount
. - []string
- A list of tags applied to the service principal.
- Type string
- Identifies whether the service principal represents an application or a managed identity. Possible values include
Application
orManagedIdentity
.
- account
Enabled Boolean - Whether the service principal account is enabled.
- app
Role BooleanAssignment Required - Whether this service principal requires an app role assignment to a user or group before Azure AD will issue a user or access token to the application.
- application
Tenant StringId - The tenant ID where the associated application is registered.
- client
Id String - The application ID (client ID) for the associated application
- display
Name String - The display name of the application associated with this service principal.
- object
Id String - The object ID of the service principal.
- preferred
Single StringSign On Mode - The single sign-on mode configured for this application. Azure AD uses the preferred single sign-on mode to launch the application from Microsoft 365 or the Azure AD My Apps.
- saml
Metadata StringUrl - The URL where the service exposes SAML metadata for federation.
- service
Principal List<String>Names - A list of identifier URI(s), copied over from the associated application.
- sign
In StringAudience - The Microsoft account types that are supported for the associated application. Possible values include
AzureADMyOrg
,AzureADMultipleOrgs
,AzureADandPersonalMicrosoftAccount
orPersonalMicrosoftAccount
. - List<String>
- A list of tags applied to the service principal.
- type String
- Identifies whether the service principal represents an application or a managed identity. Possible values include
Application
orManagedIdentity
.
- account
Enabled boolean - Whether the service principal account is enabled.
- app
Role booleanAssignment Required - Whether this service principal requires an app role assignment to a user or group before Azure AD will issue a user or access token to the application.
- application
Tenant stringId - The tenant ID where the associated application is registered.
- client
Id string - The application ID (client ID) for the associated application
- display
Name string - The display name of the application associated with this service principal.
- object
Id string - The object ID of the service principal.
- preferred
Single stringSign On Mode - The single sign-on mode configured for this application. Azure AD uses the preferred single sign-on mode to launch the application from Microsoft 365 or the Azure AD My Apps.
- saml
Metadata stringUrl - The URL where the service exposes SAML metadata for federation.
- service
Principal string[]Names - A list of identifier URI(s), copied over from the associated application.
- sign
In stringAudience - The Microsoft account types that are supported for the associated application. Possible values include
AzureADMyOrg
,AzureADMultipleOrgs
,AzureADandPersonalMicrosoftAccount
orPersonalMicrosoftAccount
. - string[]
- A list of tags applied to the service principal.
- type string
- Identifies whether the service principal represents an application or a managed identity. Possible values include
Application
orManagedIdentity
.
- account_
enabled bool - Whether the service principal account is enabled.
- app_
role_ boolassignment_ required - Whether this service principal requires an app role assignment to a user or group before Azure AD will issue a user or access token to the application.
- application_
tenant_ strid - The tenant ID where the associated application is registered.
- client_
id str - The application ID (client ID) for the associated application
- display_
name str - The display name of the application associated with this service principal.
- object_
id str - The object ID of the service principal.
- preferred_
single_ strsign_ on_ mode - The single sign-on mode configured for this application. Azure AD uses the preferred single sign-on mode to launch the application from Microsoft 365 or the Azure AD My Apps.
- saml_
metadata_ strurl - The URL where the service exposes SAML metadata for federation.
- service_
principal_ Sequence[str]names - A list of identifier URI(s), copied over from the associated application.
- sign_
in_ straudience - The Microsoft account types that are supported for the associated application. Possible values include
AzureADMyOrg
,AzureADMultipleOrgs
,AzureADandPersonalMicrosoftAccount
orPersonalMicrosoftAccount
. - Sequence[str]
- A list of tags applied to the service principal.
- type str
- Identifies whether the service principal represents an application or a managed identity. Possible values include
Application
orManagedIdentity
.
- account
Enabled Boolean - Whether the service principal account is enabled.
- app
Role BooleanAssignment Required - Whether this service principal requires an app role assignment to a user or group before Azure AD will issue a user or access token to the application.
- application
Tenant StringId - The tenant ID where the associated application is registered.
- client
Id String - The application ID (client ID) for the associated application
- display
Name String - The display name of the application associated with this service principal.
- object
Id String - The object ID of the service principal.
- preferred
Single StringSign On Mode - The single sign-on mode configured for this application. Azure AD uses the preferred single sign-on mode to launch the application from Microsoft 365 or the Azure AD My Apps.
- saml
Metadata StringUrl - The URL where the service exposes SAML metadata for federation.
- service
Principal List<String>Names - A list of identifier URI(s), copied over from the associated application.
- sign
In StringAudience - The Microsoft account types that are supported for the associated application. Possible values include
AzureADMyOrg
,AzureADMultipleOrgs
,AzureADandPersonalMicrosoftAccount
orPersonalMicrosoftAccount
. - List<String>
- A list of tags applied to the service principal.
- type String
- Identifies whether the service principal represents an application or a managed identity. Possible values include
Application
orManagedIdentity
.
Package Details
- Repository
- Azure Active Directory (Azure AD) pulumi/pulumi-azuread
- License
- Apache-2.0
- Notes
- This Pulumi package is based on the
azuread
Terraform Provider.