What is a Service Principal?

Introduction

Service Principal is an application within Microsoft Entra ID, which is authorized to access Azure Subscription or Resource Groups or Resources in Azure.

Turbo360 uses authentication tokens of the Service Principal to manage the resources.

Azure Documenter is one of the core features of Turbo360. It uses Service Principal configured from user's Azure Active directory to access the Azure Subscription.

Client secret expiry

• It was previously difficult to keep track of the expiry date of a user's client secret configured through the Azure portal.

• Turbo360 now allows customers to configure the same date as the Azure portal in order to notify users 7 days before the expiration date to change the Client secret prior.

• Users can change the Client secret expiry date when adding or editing a Service Principal.

Add a Service Principal

• Users can add a Service Principal to Azure Documenter at any time from the Service principals section to generate an Azure document containing all the information provided.

• Azure Documenter automatically retrieves the list of Subscriptions associated with the configured Service Principal and allows the user to choose while generating an Azure document.

• By clicking the Add button, users can enter all the required Service Principal information. Once the validation is successful, click the Next button.

• The subsequent step entails selecting the access policy. Users have the option to enable the subscription checkbox to grant full access to all resource groups within it, or they can enable the subscription checkbox and designate a specific resource group for limited access.

• Next in Access policy, Choose the group to grant access to the selected subscriptions.

• By checking the subscription checkbox and clicking Bulk selection, it is possible to grant access for multiple subscriptions to similar document groups at once.

• Click save to add the service principal successfully.

Edit a Service Principal

• Users can change only the Client secret and Client secret expiration date by clicking the Edit icon in any of the associated Service Principals.

• Upon successful validation in edit service principal, users can choose to update their access policy.

Delete a Service Principal

• It is possible to delete the service principals by using the Delete icon.

Service Principal accessibility

Azure subscription for which the documentation is generated should always have reader access to a Service Principal object in the user's Microsoft Entra ID.