Single service principal for local dev, provisioning, and ci deployment of containers

[dfberry]

Service principal management is expensive and a security risk. I would like to create 1 service principal while in my developer loop. Create it locally, save the JSON output, use the Id within the provisioning so the same service principal has access to the resources, then use it again for deploying.

Or alternatively, get the service principal JSON including the password after azd creates it.

Since all my services are running in containers, and the SDK code uses DefaultAzureCredential, I need the service principal at the time I start the container locally, in cicd, or on Azure.

AZD handles the CICD and Azure but how do I manage local container development with service principals if azd creates the service principal?