Features Pricing Catalog Docs Demos About Sign in Start free
Azure

Service Principal Audit

Every Azure service principal with its credentials, role assignments and last-used dates.

Tier Explorer
Category Security & Identity
Refresh every 60 min
Scope subscription-wide
Live preview — demo data

Same idea on another cloud

What this pane shows

Per-service-principal: display name, owned credentials (client secrets / certificates with creation date, age, last-used timestamp), Azure RBAC role assignments. Service principals with old credentials, unused credentials or excessive role assignments are surfaced first.

Key use cases

  • Rotate or delete service-principal credentials older than policy.
  • Identify service principals with unused credentials.
  • Audit which service principals hold privileged roles.
  • Catch a service principal with overly-broad role assignments.

How to embed

lp.js is the single-entry loader: it injects the shared LightPane runtime (and sd-embed.css) once per page. Add this pane's own stylesheet and script; the pane mounts itself wherever the matching <div> is in the DOM.

<!-- In <head> — this pane's stylesheet -->
<link rel="stylesheet" href="https://lightpane.io/_pane-tests/azure/iam-sa-audit/iam-sa-audit.css">

<!-- Your access key (inline, or set window.lpEmbed.accessKey from your own JS) -->
<script>window.lpEmbed = { accessKey: "<your-access-key>" };</script>

<!-- Where the pane should appear -->
<div class="lp-azure-iam-sa-audit-panel" data-lp-account="<your-account-alias>"></div>

<!-- Before </body> — shared loader + this pane's script -->
<script src="https://lightpane.io/embed/lp.js"></script>
<script src="https://lightpane.io/_pane-tests/azure/iam-sa-audit/iam-sa-audit.js" defer></script>

Tier

Available on Explorer and above.

Build notes

Mock-only at the moment — live-wiring tracked in the roadmap.