Create an Azure service principal with Azure CLI

This can be done using the Azure CLI or the Azure Portal. Here is the “How To” Azure documentation

Setup the Environment Variables

Once created, you need to set up these PowerShell environment variables. I place these in my PowerShell $Profile.

$env:ARM_CLIENT_ID       = "XXXXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXXXX"
$env:ARM_CLIENT_SECRET   = "YYYYYYYY-YYYY-YYYY-YYYY-YYYYYYYYYYYY"
$env:ARM_TENANT_ID       = "ZZZZZZZZ-ZZZZ-ZZZZ-ZZZZ-ZZZZZZZZZZZZ"
$env:ARM_SUBSCRIPTION_ID = "SSSSSSSS-SSSS-SSSS-SSSS-SSSSSSSSSSSS"

You can use the same values in Pulumi configuration variables, if you prefer that they be stored alongside your Pulumi stack for easy multi-user access.

$ pulumi config set azure:clientId "XXXXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXXXX"
$ pulumi config set azure:clientSecret "YYYYYYYY-YYYY-YYYY-YYYY-YYYYYYYYYYYY" --secret
$ pulumi config set azure:tenantId "ZZZZZZZZ-ZZZZ-ZZZZ-ZZZZ-ZZZZZZZZZZZZ"

This eliminates having to do az login, which expires.