Note
Access to this page requires authorization. You can try signing in or changing directories.
Access to this page requires authorization. You can try changing directories.
In this article, you learn how to re-enable the Azure VMware Solution service principal. This service principal is required to be enabled to deploy the Azure VMware Solution Generation 2 (Gen 2) private clouds. If you're already familiar with how to enable service principal, re-enable the service principal for application ID '1a5e141d-70dd-4594-8442-9fc46fa48686' with name 'Avs Fleet Rp'.
Prerequisite
You must have the permissions to edit applications in your Microsoft Entra ID tenant, such as:
- Cloud Application Administrator
- Application Administrator
- Global Administrator
Enable first-party application service principal for Azure VMware Solution Gen 2 Private Clouds
There are two options to enable the service principal for Azure VMware Solution. You can use either the Microsoft Entra ID portal or Azure PowerShell. The following sections describe both options.
Option 1: From the Portal
Select Microsoft Entra ID.
Search Microsoft Entra ID for the application ID
1a5e141d-70dd-4594-8442-9fc46fa48686. Select 'Avs Fleet Rp'.Enable the 'Avs Fleet Rp' Enterprise application for user sign-in by toggling the Enabled for users to sign-in toggle to Yes.
Ensure you select Save.
Option 2: From Azure PowerShell
Run the following command:
Get-AzADServicePrincipal -ApplicationId 1a5e141d-70dd-4594-8442-9fc46fa48686Use the 'ID' returned. You can copy the value from the 'ID' column to use in the next command. The 'ID' field is a full GUID.
Run the following command to enable the service principal using the value you copied from the 'ID' column:
Set-AzureADServicePrincipal -ObjectId 0a9fa53e-1930 -AccountEnabled $True
Option 3: From Azure CLI
Run the following command:
az ad sp update --id "1a5e141d-70dd-4594-8442-9fc46fa48686" --set accountEnabled=true
Validate and enable required applications
Azure VMware Solution Gen 2 relies on two first-party applications in Microsoft Entra ID:
- Avs Fleet Rp
- AzS VIS Prod App
Both apps must be enabled for proper operation of the Azure VMware Solution control plane.
If customers delete either application ID (for example, during a tenant cleanup), they can recover functionality by re-enabling the applications on the same page in Microsoft Entra ID. Make sure that both the Avs Fleet Rp and AzS VIS Prod App are set to Enabled for users to sign-in.
To help customers quickly identify issues, we added an error check that validates the presence of both apps. If either app is missing or disabled, the error message clearly indicates the required fix and provides a link back to this documentation for guidance.
Important
Always verify both applications are enabled before deploying or troubleshooting an Azure VMware Solution Gen 2
Next steps
Review steps to enable role assignments for your identifies if they are removed
Follow a tutorial for Creating an Azure VMware Gen 2 private cloud
Learn more about Azure VMware Solution Gen 2 private cloud design considerations