[英]Use a Azure Virtual Machine System-Assigned Managed Identity to access Azure SQL from Powershell
I need to run some bulk operations overnight on an azure sql database.我需要在一夜之间在 azure sql 数据库上运行一些批量操作。
I have a PowerShell script which uses invoke-sql commands using sql credentials for a service account.我有一个 PowerShell 脚本,它使用使用 sql 凭据的服务帐户调用 SQL 命令。 Here's an example:
这是一个例子:
$params = @{
'Database' = 'test-db'
'ServerInstance' = 'my-db.database.windows.net'
'Username' = 'service_account'
'Password' = 'my exposed password'
'OutputSqlErrors' = $true
'Query' = 'SELECT top 10 * FROM dbo.CaseHistory'
}
Invoke-Sqlcmd @params
I want to set this up as a windows scheduled task to run from my VM each night however I don't like having the SQL credentials there in the PowerShell script.我想将其设置为 windows 计划任务,以便每晚从我的 VM 运行,但是我不喜欢在 PowerShell 脚本中有 SQL 凭据。
The VM in question has a system-assigned managed identity which I'm already using to access blob storage.有问题的 VM 具有系统分配的托管标识,我已经在使用它来访问 blob 存储。
I've already set up a sql user for this identity in azure sql:我已经在 azure sql 中为此身份设置了 sql 用户:
CREATE USER [myVmName] FROM EXTERNAL PROVIDER
And I've granted all the required permissions.我已经授予了所有必需的权限。
How do I use the managed identity from the PowerShell script?如何使用 PowerShell 脚本中的托管标识?
PS I'm not precious about sticking with Invoke-Sqlcmd. PS 我不喜欢坚持使用 Invoke-Sqlcmd。
Congratulations Twisted have found the solution:恭喜 Twisted 找到了解决方案:
"I found this page with a section right at the bottom on using PowerShell with managed identities: Tutorial: Use a Windows VM system-assigned managed identity to access Azure SQL " "I found this page with a section right at the bottom on using PowerShell with managed identities: Tutorial: Use a Windows VM system-assigned managed identity to access Azure SQL "
I help him post it as answer and this can be beneficial to other community members.我帮助他将其发布为答案,这可能对其他社区成员有益。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.