
[BUG] SPNs should be removed by clean-up script

Open elenaterenzi opened this issue 1 year ago • 1 comments

Description

  • The current clean-up script does not remove all SPNs. In particular, SPNs created for ADF and storage are not deleted. The problem seems to be that the app registration is created without an owner.
  • Potentially, when clean-up is executed with Deployment ID, we should remove the "owned by you" filter and just filter for name.

Expected Behavior

  • All SPNs, specifically those with the prefixes mdwdops-stor and mdwdops-adf, should be deleted.

Reproduce

  1. Deploy once.
  2. Execute clean-up.
  3. After clean-up completes, the SPNs will still be in Entra; see screenshot:

Image

Additional Context

elenaterenzi, Feb 07 '25 14:02
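The selection problem described in the issue above, modelled offline as an added example (not the project's clean-up script): an owner-filtered clean-up skips ownerless app registrations, while a name-only filter finds them but must match the deployment ID exactly, because it no longer has the owner check to limit what gets deleted. The "<prefix>-<env>-<deployment id>" name layout, the sample records and the function names are assumptions made for illustration.

```python
import re
from dataclasses import dataclass, field

# Prefixes named in the issue; the "<prefix>-<env>-<deployment id>" layout is assumed.
SPN_PREFIXES = ("mdwdops-stor", "mdwdops-adf")

@dataclass
class AppRegistration:
    display_name: str
    owners: list = field(default_factory=list)  # empty when created without an owner

def by_deployment(apps, deployment_id, prefixes=SPN_PREFIXES):
    """Proposed behaviour: ignore ownership and match on name only.

    The whole name must match: a known prefix, one environment token, then
    exactly the deployment ID. A substring test would also select the apps
    of any other deployment whose ID merely starts with the same characters.
    """
    pattern = re.compile(
        r"^(?:%s)-[a-z0-9]+-%s$"
        % ("|".join(map(re.escape, prefixes)), re.escape(deployment_id))
    )
    return [a.display_name for a in apps if pattern.match(a.display_name)]

def current_selection(apps, caller_id, deployment_id):
    """Behaviour described in the issue: name match AND owned by the caller."""
    owned = {a.display_name for a in apps if caller_id in a.owners}
    return [n for n in by_deployment(apps, deployment_id) if n in owned]

def left_behind(apps, caller_id, deployment_id):
    """Deployment apps that survive the owner-filtered clean-up."""
    kept = set(current_selection(apps, caller_id, deployment_id))
    return [n for n in by_deployment(apps, deployment_id) if n not in kept]

# Constructed sample tenant: names, IDs and owners are made up.
SAMPLE = [
    AppRegistration("mdwdops-stor-dev-ab12c"),            # no owner
    AppRegistration("mdwdops-adf-dev-ab12c"),             # no owner
    AppRegistration("mdwdops-stor-dev-ab12c9"),           # a different deployment
    AppRegistration("team-portal", ["user-1"]),           # unrelated, owned by caller
]

if __name__ == "__main__":
    print("owner + name filter:", current_selection(SAMPLE, "user-1", "ab12c"))
    print("name-only filter:   ", by_deployment(SAMPLE, "ab12c"))
    print("left behind today:  ", left_behind(SAMPLE, "user-1", "ab12c"))
```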

Here's what I used to clean up the "soft deleted" accounts:

Get-AzureADDeletedApplication -all 1 | ForEach-Object { Remove-AzureADdeletedApplication -ObjectId $_.ObjectId }

bsherwin, Feb 12 '25 14:02