stackoom
  简体   繁体   中英

How to reset the password of the Service Principal created for the System Managed Identity in Azure?

 原文  2020-03-17 19:50:44       azure/ credentials/ azure-managed-identity

Question

I created an Azure Container Registry with the System Managed Identity. I know how to examine the Service Principal created for it:

C:\> az ad sp show --id 4***8
{
  "accountEnabled": "True",
  "alternativeNames": [
    "isExplicit=False",
    "/subscriptions/d***8/resourcegroups/VictorTestRG/providers/Microsoft.ContainerRegistry/registries/victorTestContainerRegistry"
  ],
  "appId": "7***6",
  "displayName": "victorTestContainerRegistry",
  "keyCredentials": [...],
  "objectId": "4***8",
  "objectType": "ServicePrincipal",
  "odata.metadata": "https://graph.windows.net/2***b/$metadata#directoryObjects/@Element",
  "odata.type": "Microsoft.DirectoryServices.ServicePrincipal",
  "servicePrincipalNames": [
    "7***6",
    "https://identity.azure.net/o***F/p***="
  ],
  "servicePrincipalType": "ManagedIdentity"
}

(I scrubbed certain values and omitted the fields having null or [] as their value for brevity)

Now I would like to reset the credentials for this Service Principal, but none of following worked for me:

C:\> az ad sp credential reset --name 4***8
Resource '4***8' does not exist or one of its queried reference-property objects are not present.
C:\> az ad sp credential reset --name "7***6"
Resource '7***6' does not exist or one of its queried reference-property objects are not present.
C:\> az ad sp credential reset --name victorTestContainerRegistry
Resource '7***6' does not exist or one of its queried reference-property objects are not present.
C:\> az ad sp credential reset --name "https://identity.azure.net/o***F/p***="
Resource '7***6' does not exist or one of its queried reference-property objects are not present.
C:\>

So, how can one reset the credentials of a System Managed Identity?

1 answers

solution1
 1 ACCPTED  2020-03-17 22:57:12

As Thomas commented, you do not manage the credentials. The point of using a Managed Identity is to get rid of that management.

The system will automatically rotate the certificates used by the identity behind the scenes. You should not need to do anything about it.

暂无
暂无

The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.

Related Question How to use Service Principal/Managed Identity to access Azure App Configuration? Service principal or Managed Identity Connect to SharePoint and outlook using Azure Service principal/managed identity Azure service principal vs managed identity vs (enterprise) application Azure service principal reset How to view if a resource was created by a Azure service principal? Access O365 Exchange Online with an Azure Managed Identity or Service Principal Difference between Service Principal and Managed Identities in Azure How do I import an Azure AD Service Principal Password into Terraform? How to get password for Azure service principal after creating time?
Related Tags
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM