Getting the service principal for an Azure Automation Account connection using PowerShell

I know how Get-AutomationAccount can be used to retrieve the connection details internally while running a runbook within an automation account.

However, what if I want to be able to report on the service principal being used by the AzureRunAsConnection external to a runbook job?

I've tried something like the following:

$automationAccount = Get-AzAutomationAccount -ResourceGroupName $rg -Name $name
$conn = $automationAccount | Get-AzAutomationConnection
$conn.FieldDefinitionValues

However, the FielDefinitionValues hashtable has nothing in it? I was expecting to see things like tenantId, ApplicationId, etc.

I can get this information via the portal by clicking on:

> AutomationAccount > Run as accounts > Azure RunAs Account

or by

> AutomationAccount > Connections > AzureRunAsConnection

But can't see how I can get this info for the RunAs Account from PowerShell?

Thanks in advance.

Yes, you need to use $conn = $automationAccount | Get-AzAutomationConnection -Name "AzureRunAsConnection" .

>Maybe a bug?

It is not a bug, because the two commands call different REST APIs.

When using $conn = $automationAccount | Get-AzAutomationConnection, it calls this rest api Connection - List By Automation Account, the details of fieldDefinitionValues will not be exposed, it will always be null. You could check the sample response or catch the request of the powershell with fiddler.

When using $conn = $automationAccount | Get-AzAutomationConnection -Name "AzureRunAsConnection", it calls this rest api Connection - Get. The fieldDefinitionValues will include the properties you want.

You answered this yourself in the comments. But just to stop this question coming up as unanswered:

$conn = $automationAccount | Get-AzAutomationConnection -Name "AzureRunAsConnection"