Exposing Prometheus Metrics for Azure App Registration useful for alerting on expiring Service Principal Credentials.
See Documentation for more information.
Contribute on the Project page
Install using Helm or Docker and create a Service Principal to use with Azure.
The service authenticates against Azure using Environmental Credentials, i.e.
- AZURE_TENANT_ID: ID of the service principal's tenant. Also called its 'directory' ID.
- AZURE_CLIENT_ID: the application ID
- AZURE_CLIENT_SECRET: one of the service principal's client secrets
The Service Principal should have at least API permission Application.Read.All (Graph & Active Directory)
While it is not officially possible to tag app registrations, you can still open the manifest json in the Azure portal, manually change the "tags" property and save it.
Use the FILTER_TAGS environment variable with a comma separated list of tags to only retrive the app registrations that have one of the given tags attached.