Don't look up AD SP ID

Andrews-McMeel-Universal · Aug 20, 2024 · 48e2bb0 · 48e2bb0
1 parent 468c14c
commit 48e2bb0
Showing 1 changed file with 1 addition and 4 deletions.
diff --git a/.github/workflows/azfunction-deploy.yaml b/.github/workflows/azfunction-deploy.yaml
@@ -222,14 +222,11 @@ jobs:
  with:
  inlineScript: |
  set -eu
- # Retrieve the object ID of the managed identity
- objectId=$(az ad sp show --id ${{ env.functionAppIdentity }} --query objectId --output tsv)
-
  # Retrieve the Key Vault ID
  keyVaultId=$(az keyvault show --name ${{ env.keyVaultName }} --query id --output tsv)
  
  # Assign the Key Vault Secrets User role to the managed identity using object ID and principal type
- az role assignment create --role "Key Vault Secrets User" --assignee-object-id $objectId --assignee-principal-type ServicePrincipal --scope $keyVaultId
+ az role assignment create --role "Key Vault Secrets User" --assignee-object-id --assignee-principal-type ServicePrincipal ${{ env.functionAppIdentity }} --scope $keyVaultId
  
  - name: Retrieve environment variables
  if: ${{ env.AZURE_CREDENTIALS_SET != 'false' }}