Tuesday, 29 September 2020

How to configure a service principal for automated / scripted logins to Azure CLI

Steps:

  • (check permissions)
    • Azure Active Directory (AAD) level
    • Azure Subscription level
  • app registration
    • AAD > App registrations > New registration
    • get tenant (directory) ID and app (client) ID
    • configure authentication ((select app) > Certificates & secrets)
      • certificate-based (> Certificates > Upload certificate)
      • password-based (> Client secrets > New client secret)
  • app role assignment
    • Subscriptions > (select) > Access control (IAM) > Add role assignment
  • (configure access policies on resources)

Using Azure portal:

https://docs.microsoft.com/en-us/azure/active-directory/develop/howto-create-service-principal-portal

Using Azure CLI:

https://docs.microsoft.com/en-us/cli/azure/create-an-azure-service-principal-azure-cli

Login via Azure CLI (password-based):

az login --service-principal --tenant TENANT_ID --username APP_ID --password PASSWORD

Login via Azure CLI (certificate-based):

az login --service-principal --tenant TENANT_ID --username APP_ID --password /path/to/cert
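
A pre-flight check for the certificate-based login above, as an added example that is not part of the original post: Azure CLI expects the PEM file passed to --password to hold both the certificate and its private key, so the file should also be readable by its owner only. The function names and the AZ_TENANT_ID, AZ_APP_ID and AZ_CERT_PATH variables are assumptions.

```shell
#!/usr/bin/env bash
# Added example, not from the original post. Function names and the
# AZ_TENANT_ID / AZ_APP_ID / AZ_CERT_PATH variables are assumptions.

# Check that a PEM file is usable for certificate-based service principal login.
# Returns 0 if OK, 1 unreadable, 2 no certificate, 3 no private key, 4 loose mode.
check_sp_cert() {
    pem="$1"
    if [ ! -f "$pem" ] || [ ! -r "$pem" ]; then
        echo "cert file missing or unreadable: $pem" >&2; return 1
    fi
    # Azure CLI expects the certificate and its private key in the same PEM file.
    if ! grep -q -- '-----BEGIN CERTIFICATE-----' "$pem"; then
        echo "no CERTIFICATE block in $pem" >&2; return 2
    fi
    # Matches unencrypted PKCS#8, RSA and EC key headers only.
    if ! grep -Eq -- '-----BEGIN (RSA |EC )?PRIVATE KEY-----' "$pem"; then
        echo "no PRIVATE KEY block in $pem" >&2; return 3
    fi
    # The file holds a private key: refuse group/other access (e.g. 644).
    mode=$(stat -c '%a' "$pem" 2>/dev/null || stat -f '%Lp' "$pem")
    case "$mode" in
        *00) ;;
        *) echo "mode $mode on $pem is too open, use chmod 600" >&2; return 4 ;;
    esac
    return 0
}

# Log in non-interactively; IDs and the cert path come from the environment.
sp_login_cert() {
    if [ -z "${AZ_TENANT_ID:-}" ] || [ -z "${AZ_APP_ID:-}" ] || [ -z "${AZ_CERT_PATH:-}" ]; then
        echo "set AZ_TENANT_ID, AZ_APP_ID and AZ_CERT_PATH" >&2; return 64
    fi
    check_sp_cert "$AZ_CERT_PATH" || return $?
    az login --service-principal --tenant "$AZ_TENANT_ID" \
        --username "$AZ_APP_ID" --password "$AZ_CERT_PATH" --output none
}
```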

Other sign-in options:

https://docs.microsoft.com/en-us/cli/azure/authenticate-azure-cli

How to commit & push local changes to a separate (new) Git branch

git checkout -b new-branch

# more files can be added in this step too, wildcards supported
git add /path/to/locally/changed/file

git commit -m "commit message"

git show-branch

git push origin new-branch

Inspired by https://git-scm.com/book/en/v2/Git-Branching-Basic-Branching-and-Merging.