堆栈内存溢出
  简体   繁体   English

PowerShell 7 在 Linux 上,使用证书对 Azure 进行身份验证

[英]PowerShell 7 on Linux, using Certificate to Authenticate to Azure

 原文  2021-03-24 10:29:03       linux/ azure/ powershell/ azure-keyvault

问题描述

I am not that experienced with Linux, so bear with me:-) I am beginning to use the VSC Remote Development extension to connect to a Azure based Linux VM for PowerShell scripting purposes - works like a charm. I am not that experienced with Linux, so bear with me:-) I am beginning to use the VSC Remote Development extension to connect to a Azure based Linux VM for PowerShell scripting purposes - works like a charm.

But I would like to have some easy way of handling certificates, using to authenticate connections to Azure Resource Manager (using Connect-AzAccount and a SPN in Azure AD).但我想有一些简单的方法来处理证书,用于验证与 Azure 资源管理器的连接(使用 Connect-AzAccount 和 Azure AD 中的 SPN)。

I consider using the Azure KeyVault for Linux extension, which handle the cerificate distribution nicely.我考虑将 Azure KeyVault 用于 Linux 扩展,它可以很好地处理证书分发。 On windows, the certificates end up in the personal certificate store and are directly usable.在 windows 上,证书最终在个人证书存储中并且可以直接使用。 On Linux however, they end up in /var/lib/.. as PEM files.然而,在 Linux 上,它们最终以 PEM 文件的形式出现在 /var/lib/.. 中。 So how do I get them "usable" in the easiest possible way..?那么我如何以最简单的方式让它们“可用”..?

Thanks in advance for suggestions and ideas \Jesper提前感谢您的建议和想法 \Jesper

1 个解决方案

解决方案1
 0  2021-03-25 02:24:16

Yes, the Key Vault virtual machine extension for Linux is an easy way to go.是的,Linux 的Key Vault 虚拟机扩展是 go的简单方法。 The VM extension would require system or user-managed identity to be assigned to authenticate to the Key Vault. VM 扩展需要分配系统或用户管理的标识,以对 Key Vault 进行身份验证。 See How to authenticate to Key Vault and assign a Key Vault access policy .请参阅如何对 Key Vault 进行身份验证并分配 Key Vault 访问策略 You can use this identity to authenticate to any service that supports Azure AD authentication, without having credentials in your code.您可以使用此身份向任何支持 Azure AD 身份验证的服务进行身份验证,而无需在您的代码中使用凭据。

Your observed certificate URLs should be of the form https://myVaultName.vault.azure.net/secrets/myCertName .您观察到的证书 URL 的格式应为https://myVaultName.vault.azure.net/secrets/myCertName

暂无
暂无

声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.

相关问题 使用来自 Linux 的证书对 Azure 进行身份验证 - Authenticate to Azure with certificate from Linux Linux和Mac上的Azure CLI:证书问题 - Azure CLI on Linux and Mac: certificate trouble Azure - Linux WebApp - 链的根证书 - Azure - Linux WebApp - Root certificate for chain 使用本地Linux组对SVN用户进行身份验证? - Authenticate SVN users using local Linux Groups? Azure Powershell模块-Linux(.NET Core)支持 - Azure Powershell Module - Linux (.NET Core) Support 在 Linux PowerShell 和 Linux ZD574D4BB40C84861791A69466 中使用“rm -rf” - Using 'rm -rf' in Linux PowerShell and Linux bash 使用Powershell远程登录linux - remotely login to linux using powershell 在 Linux Azure VM 的 /var/lib/waagent/ 中找不到 SSL 证书 - SSL Certificate is not found in /var/lib/waagent/ for Linux Azure VM 将上传到 Azure 门户的 TLS 证书加载到 Linux 应用服务容器中 - Loading a TLS certificate uploaded to the Azure portal into a Linux app service container Azure 管道,托管 Ubuntu 代理和 Azure CLI 任务与 Z3D265814E1EEEF0DCCZ7 正确使用模块和验证 - Azure Pipelines, Hosted Ubuntu Agent and Azure CLI Task with PowerShell Core: Use Az module and authenticate properly
相关标签
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM