问题
I have a service principal which I am using to deploy key vault. How can I fetch that service principals object id automatically with ARM template similarly as I can fetch MSI object id with line:
"objectId": "[reference(concat('Microsoft.Web/sites/', variables('function')), '2018-02-01', 'Full').identity.principalId]",
回答1:
I dont think you can. Your only option would be to pass it from the level above (ie from the powershell script that is invoking the template). Also, if you want to do that just to read data from the Key Vault in the template - you don't need that. Advanced Access Policies do that instead.
来源:https://stackoverflow.com/questions/61308250/azure-arm-template-add-deployer-object-id-to-key-vault-access-policies