You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: articles/search/search-security-rbac.md
+6-8Lines changed: 6 additions & 8 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -216,32 +216,30 @@ When testing roles, remember that roles are cumulative and inherited roles that
216
216
217
217
### [**REST API**](#tab/test-rest)
218
218
219
-
This approach assumes Postman as the REST client and uses a Postman collection and variables to provided the bearer token. You'll need Azure CLI or another tool to create a security principal for the REST client.
219
+
This approach assumes Postman as the REST client and uses a Postman collection and variables to provide the bearer token. You'll need Azure CLI or another tool to create a security principal for the REST client.
220
220
221
-
1. Open a command shell for Azure CLI. If you don't have Azure CLI installed, you can open [Create a service principal](/cli/azure/create-an-azure-service-principal-azure-cli#1-create-a-service-principal), select **Try It**.
222
-
223
-
1. Sign in to your Azure subscription.
221
+
1. Open a command shell for Azure CLI and sign in to your Azure subscription.
224
222
225
223
```azurecli
226
224
az login
227
225
```
228
226
229
-
1.First, get your subscription ID. In the console, enter the following command:
227
+
1.Get your subscription ID. You'll provide this value as variable in a future step.
230
228
231
229
```azurecli
232
230
az account show --query id -o tsv
233
231
````
234
232
235
-
1. Create a resource group for your security principal, specifying a location and name. This example uses the West US region.
233
+
1. Create a resource group for your security principal, specifying a location and name. This example uses the West US region. You'll provide this value as variable in a future step.
236
234
237
235
```azurecli
238
236
az group create -l westus -n MyResourceGroup
239
237
```
240
238
241
-
1. Create the service principal, replacing the placeholder values with valid values. You'll need a descriptive security principal name, subscription ID, resource group name. This example uses the "Search Service Contributor" (quote enclosed) role.
239
+
1. Create the service principal, replacing the placeholder values with valid values. You'll need a descriptive security principal name, subscription ID, and resource group name. This example uses the "Search Index Data Reader" (quote enclosed) role.
242
240
243
241
```azurecli
244
-
az ad sp create-for-rbac --name mySecurityPrincipalName --role "Search Service Contributor" --scopes /subscriptions/mySubscriptionID/resourceGroups/myResourceGroupName
242
+
az ad sp create-for-rbac --name mySecurityPrincipalName --role "Search Index Data Reader" --scopes /subscriptions/mySubscriptionID/resourceGroups/myResourceGroupName
245
243
```
246
244
247
245
A successful response includes "appId", "password", and "tenant". You'll use these values for the variables "clientId", "clientSecret", and "tenant".
0 commit comments