堆栈内存溢出
  简体   繁体   English

Azure自动化中的多个RunAs帐户

[英]Multiple RunAs Accounts in Azure Automation

 原文  2019-08-20 11:04:10       azure/ azure-automation/ azure-runbook

问题描述

Is it possible to have multiple runas accounts in Azure Automation? Azure自动化中是否可以有多个runas帐户?

I researched online including Microsoft Articles and couldn't find an answer. 我在网上搜索了包括Microsoft Articles在内的内容,但找不到答案。

2 个解决方案

解决方案1
 1 已采纳  2019-08-21 11:16:25

Doesn't have to be another AzureRunAs account. 不必是另一个AzureRunAs帐户。 The runbooks use a combination of connections and certificates to authenticate. 运行手册使用连接和证书的组合进行身份验证。 So you can add a new connection and have it use a different service principal. 因此,您可以添加一个新连接,并使它使用其他服务主体。 First you add a certificate, after that you create the connection and configure the service principal. 首先添加一个证书,然后创建连接并配置服务主体。 I have never tested using the same AzureRunAs certificate for different/multiple connections, but its worth testing if that is possible. 我从未测试过针对不同/多个连接使用相同的AzureRunAs证书,但是如果可能的话,值得进行测试。 The code for the runbook authenticating stays mostly the same, apart from having to change the name of the connection and such. 除了必须更改连接名称等之外,用于运行簿身份验证的代码几乎保持不变。

Have a look in the portal: 在门户中看看: 

Automation accounts -> Select the account -> Certificates
Automation accounts -> Select the account -> Connections

My code snippet: 我的代码段: 

$connectionName = "CustomConnectionNameHere";

            Try {
                # Get the connection "AzureRunAsConnection "
                $servicePrincipalConnection = Get-AutomationConnection -Name $connectionName

                "Logging in to Azure..."
                Add-AzureRmAccount `
                    -ServicePrincipal `
                    -TenantId $servicePrincipalConnection.TenantId `
                    -ApplicationId $servicePrincipalConnection.ApplicationId `
                    -CertificateThumbprint $servicePrincipalConnection.CertificateThumbprint
            } catch {
                if (!$servicePrincipalConnection)
                {
                    $ErrorMessage = "Connection $connectionName not found."
                    throw $ErrorMessage
                } else{
                    Write-Error -Message $_.Exception
                    throw $_.Exception
                }
            }

解决方案2
 0  2019-08-21 01:25:32

不,您只能有两个运行方式帐户。(在CSP订阅中,您可以拥有新的运行方式帐户。)一个用于管理新的ARM资源,另一个用于管理经典资源。

暂无
暂无

声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.

相关问题 Azure 自动化 Runas 账户权限不足 - Azure Automation Runas Account insufficient privileges Azure 自动化 RunAs 帐户访问 Active Directory 资源 - Azure Automation RunAs account access to Active Directory resource 使用Automation RunAs服务主体连接到Azure Analysis Services并进行处理 - Use Automation RunAs service principal to connect to Azure Analysis Services and process 用于将生命周期管理应用于同一订阅中的多个 Azure 存储帐户的自动化脚本 - Automation script for applying lifecycle management to multiple Azure storage accounts in the same subscription 在 Azure 中启动 VM,没有 runas 权限在 azure 自动化中使用 VM 启动 Runbook - Start VM in Azure, don’t have runas rights to use VM start runbook in azure automation Azure 自动化:Runbook、RunAs 帐户:如何允许访问 AAD(例如 Get-AzADUser)? - Azure Automation: Runbook, RunAs Account: How to allow access to AAD (e.g. for Get-AzADUser)? Windows Azure和多个存储帐户 - Windows Azure and multiple storage accounts 对于自动化帐户,使用 azure 资源图是否比 powershell cmdlet 更快? - For automation accounts, is using the azure resource graph faster than powershell cmdlets? 使用自动化帐户从azure密钥库安装ssl证书 - Install ssl certificate from azure key vault with Automation Accounts 用于Azure日志集成的多个存储帐户 - Multiple Storage Accounts for Azure Log Integration
相关标签
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM