...
Script execution prerequisite
You need Azure CLI module installed
Install the Azure AD Module
Make sure you have Application Developer Role
Make sure you have Local Machine administrative rights
Make sure the Key Vault exists and you have permission to write to it
Make sure you have the ability to configure Enterprise Applications in Azure AD
Make sure you have the ability to grant admin consent in App Registrations
...
[Optional] Configuration file path, or the script will default to app-registration-configuration.json in the same directory as the main.ps1 script file
If the configuration file is not in the same directory, the absolute path must be provided, and the isAbsolutePath parameter must be passed in to the script
[Optional] You can specify the Tenant/Directory Id, or the script will use the current directory your user account is logged in under.
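A pre-flight check for the prerequisites and parameters described above, as an added example that is not part of the project's scripts. The function name Test-AppRegistrationPrereqs and the -keyVaultName parameter are assumptions; the other parameter names follow the ones this page documents for main.ps1.

```powershell
# Added example: pre-flight check for the prerequisites and parameters above.
# Test-AppRegistrationPrereqs and -keyVaultName are assumed names, not part of main.ps1.
function Test-AppRegistrationPrereqs {
    param(
        [string]$appConfigurationFileName = 'app-registration-configuration.json',
        [switch]$isAbsolutePath,
        [string]$tenantId,
        [string]$keyVaultName   # assumption: the page does not name the vault
    )
    $checks = [ordered]@{}
    # Local machine administrative rights: is this session elevated?
    $identity  = [Security.Principal.WindowsIdentity]::GetCurrent()
    $principal = New-Object Security.Principal.WindowsPrincipal($identity)
    $checks['Elevated session'] = $principal.IsInRole(
        [Security.Principal.WindowsBuiltInRole]::Administrator)

    # Tooling: Azure CLI and the AzureAD module
    $checks['Azure CLI on PATH'] = [bool](Get-Command az -ErrorAction SilentlyContinue)
    $checks['AzureAD module installed'] = [bool](Get-Module -ListAvailable -Name AzureAD)

    # Configuration file: the default name resolves next to the script; any other
    # location must be an absolute path passed together with -isAbsolutePath.
    $baseDir = if ($PSScriptRoot) { $PSScriptRoot } else { (Get-Location).Path }
    if ($isAbsolutePath) {
        $configPath = $appConfigurationFileName
        $checks['Config path is absolute'] = [IO.Path]::IsPathRooted($configPath)
    } else {
        $configPath = Join-Path $baseDir $appConfigurationFileName
    }
    $checks['Config file parses as JSON'] = $false
    try {
        Get-Content -LiteralPath $configPath -Raw -ErrorAction Stop |
            ConvertFrom-Json -ErrorAction Stop | Out-Null
        $checks['Config file parses as JSON'] = $true
    } catch { }

    # Session: Connect-AzureAD must have run, in the tenant the script will target
    try {
        $session = Get-AzureADCurrentSessionInfo -ErrorAction Stop
        $checks['Connected to Azure AD'] = $true
        if ($tenantId) { $checks['Session tenant matches -tenantId'] = ("$($session.TenantId)" -eq $tenantId) }
    } catch { $checks['Connected to Azure AD'] = $false }
    # Key Vault: confirms the vault is visible only; write permission is not tested
    if ($keyVaultName -and $checks['Azure CLI on PATH']) {
        az keyvault show --name $keyVaultName --output none 2>$null | Out-Null
        $checks['Key Vault exists'] = ($LASTEXITCODE -eq 0)
    }
    $checks.GetEnumerator() | ForEach-Object { [pscustomobject]@{ Check = $_.Key; Passed = $_.Value } }
}
```

The Application Developer role, Enterprise Applications configuration rights and the ability to grant admin consent are not covered by this check and still need to be confirmed in the directory.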
Permissions folder
ResourceAccess folder
Roles folder
app-registration-configuration.json [Configuration File]
main.ps1
app-registration.ps1
app-registration-oauth2permissions.ps1
app-registration-roles.ps1
Run PowerShell in administrator mode and execute the following commands:
...
```powershell
Set-ExecutionPolicy remotesigned
Connect-AzureAD
.\main.ps1
```
If the configuration file is not in the same directory as the main.ps1 file:
```powershell
Set-ExecutionPolicy remotesigned
Connect-AzureAD
.\main.ps1 -appConfigurationFileName [absolute path as a text] -isAbsolutePath
```
If passing the Tenant Id to the script:
```powershell
Set-ExecutionPolicy remotesigned
Connect-AzureAD
.\main.ps1 -tenantId [value as text]
```
Post Script Execution
Define and assign Azure AD Groups to the newly created Work Management Service and Vessel Registry App Registrations
In the newly created Vessel Registry App Registration → Manage → API permissions → click on the Grant admin consent
...