[英]Grant Azure Function access to ARM REST API
今年早些時候,我創建了一個Azure函數,該函數使用Azure REST API以編程方式復制數據庫。 此方法有效,但由於某種原因現已停止工作。
為了進行身份驗證,Azure函數中的代碼獲取一個身份驗證令牌...
var azureServiceTokenProvider = new AzureServiceTokenProvider();
var accessToken = await azureServiceTokenProvider.GetAccessTokenAsync("https://management.azure.com/");
_httpClient.DefaultRequestHeaders.Authorization = new AuthenticationHeaderValue("Bearer", accessToken);
我們在Azure門戶中做了一些其他操作,以授予Azure Function權限以執行此操作。 我記得從下拉菜單中選擇了Azure Function本身(我認為是在Access Control (IAM)
面板之一中)。 不幸的是,我不記得自己做了什么。
這突然停止工作,並且Azure函數無法顯示...
Parameters: Connectionstring: [No connection string specified], Resource: https://management.azure.com/, Authority: . Exception Message: Tried the following 4 methods to get an access token, but none of them worked.
Parameters: Connectionstring: [No connection string specified], Resource: https://management.azure.com/, Authority: . Exception Message: Tried to get token using Managed Service Identity. Unable to connect to the Managed Service Identity (MSI) endpoint. Please check that you are running on an Azure resource that has MSI setup.
Parameters: Connectionstring: [No connection string specified], Resource: https://management.azure.com/, Authority: . Exception Message: Tried to get token using Visual Studio. Access token could not be acquired. Visual Studio Token provider file not found at "D:\local\LocalAppData\.IdentityService\AzureServiceAuth\tokenprovider.json"
Parameters: Connectionstring: [No connection string specified], Resource: https://management.azure.com/, Authority: . Exception Message: Tried to get token using Azure CLI. Access token could not be acquired. 'az' is not recognized as an internal or external command,
operable program or batch file.
Parameters: Connectionstring: [No connection string specified], Resource: https://management.azure.com/, Authority: https://login.microsoftonline.com/common. Exception Message: Tried to get token using Active Directory Integrated Authentication. Access token could not be acquired. get_user_name_failed: Failed to get user name
Inner Exception : The format of the specified domain name is invalid
調用AzureServiceTokenProvider.GetAccessTokenAsync()
顯示出我上面的代碼段中的AzureServiceTokenProvider.GetAccessTokenAsync()
錯誤。
我沒有更改代碼中的任何內容,但是團隊中的其他人可能已經在Azure中重新創建了內容-導致我們需要重做在門戶中所做的任何事情(如上所述)。
當執行此操作時,我也找不到本應遵循的文章。 無論我要訪問哪個IAM面板(無論是訂閱本身還是sql服務器實例),我都可以選擇“ Assign assess to Function App
,但是它始終表示No Function App in this resource group can be assigned access.
。
有什么想法我想念的嗎? 如何授予功能應用程序向數據庫管理發出資源管理器REST請求的權限?
聲明:本站的技術帖子網頁,遵循CC BY-SA 4.0協議,如果您需要轉載,請注明本站網址或者原文地址。任何問題請咨詢:yoyou2525@163.com.