stackoom
  简体   繁体   中英

Azure - assign managed identity access to VM before setup

 原文  2020-11-06 10:52:36       azure/ azure-virtual-machine

Question

I am writing a program in Java that creates a VM instance in Azure, uploads a script to a container, and downloads and executes the script in the VM. However, I am currently facing a difficulty in granting the machine access to the container. When the machine is already up, I can manually go to Azure and assign a role with access, however I want to do that in my program (when creating the VM) before the machine is up, so that the program can run uninterrupted. Is there a way to do that? From the Documentation

Currently, the Azure portal does not support assigning a user-assigned managed identity during the creation of a VM. Instead, refer to one of the following VM creation Quickstart articles to first create a VM, and then proceed to the next section for details on assigning a user-assigned managed identity to the VM

Am I understanding correctly that it is not possible? Is there a workaround?

1 answers

solution1
 1 ACCPTED  2020-11-09 06:06:18

It is possible, the doc just means you can't do that in the portal, not mean in the code.

In your case, actually I am not sure you want to use system-assigned identity or user-assigned identity.

Here is a sample which creates a Linux VM with system-assigned identity enabled via withSystemAssignedManagedServiceIdentity , if you want to use user-assigned identity, you could change the code to use WithUserAssignedManagedServiceIdentity , you can specific an existing or not-yet-created user assigned identity, it depends on your requirement.

VirtualMachine virtualMachine = azureResourceManager.virtualMachines()
                    .define(linuxVMName)
                        .withRegion(region)
                        .withNewResourceGroup(rgName)
                        .withNewPrimaryNetwork("10.0.0.0/28")
                        .withPrimaryPrivateIPAddressDynamic()
                        .withNewPrimaryPublicIPAddress(pipName)
                        .withPopularLinuxImage(KnownLinuxVirtualMachineImage.UBUNTU_SERVER_16_04_LTS)
                        .withRootUsername(userName)
                        .withRootPassword(password)
                        .withSize(VirtualMachineSizeTypes.STANDARD_DS2_V2)
                        .withOSDiskCaching(CachingTypes.READ_WRITE)
                        .withSystemAssignedManagedServiceIdentity()
                        .create();

暂无
暂无

The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.

Related Question Managed Identity Authentication from non Azure VM How to access Azure storage account from VM using Python and managed identity / SAS credentials Windows VM system-assigned managed identity to access Azure Key Vault in Typescript? Using Azure Managed Identity in a Docker container running on an Azure VM Managed Identity fails when running WebApp from Azure VM Calling Azure function from VM using managed identity and REST API How to add user assigned managed identity to Azure Lab VM? Azure managed identity error - Could not find identity for access token Azure ARM Template, assign multiple roles to managed identity in Automation Account Assign a managed identity access to an application role using Terraform
Related Tags
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM