我在Azure Gov 租户。我创建了一个 Azure 自动化帐户,这样我就可以在周末使用它来缩减 Web 应用程序的规模,使用powershell 运行手册我正在使用下面的代码来验证以帐户身份运行,但失败并显示以下错误消息:“跨云请求不支持机密客户端。”
$ConnectionName = "AzureRunAsConnection"
try
{
# Get the connection "AzureRunAsConnection "
$ServicePrincipalConnection = Get-AutomationConnection -Name $ConnectionName
# Logging into Azure
Add-AzureRmAccount `
-ServicePrincipal `
-TenantId $ServicePrincipalConnection.TenantId `
-ApplicationId $ServicePrincipalConnection.ApplicationId `
-CertificateThumbprint $ServicePrincipalConnection.CertificateThumbprint
-EnvironmentName "AzureUSGovernment"
Write-Output "Successfully logged in to Azure."
}
catch
{
if (!$ServicePrincipalConnection)
{
$ErrorMessage = "Connection $ConnectionName not found."
throw $ErrorMessage
}
else
{
Write-Error -Message $_.Exception
throw $_.Exception
}
}
我尝试使用较新的 powershell 模块使用不同的身份验证命令,但是我犯了同样的错误:
$connectionName = "AzureRunAsConnection"
$servicePrincipalConnection = Get-AutomationConnection -Name $connectionName
$logonAttempt = 0
$logonResult = $False
while(!($connectionResult) -And ($logonAttempt -le 10))
{
$LogonAttempt++
#Logging in to Azure...
$connectionResult = Connect-AzAccount `
-ServicePrincipal `
-Tenant $servicePrincipalConnection.TenantId `
-ApplicationId $servicePrincipalConnection.ApplicationId `
-CertificateThumbprint $servicePrincipalConnection.CertificateThumbprint
Start-Sleep -Seconds 30
}
有人遇到过这个问题并找到了解决方法吗?我很困惑,希望得到任何帮助/协助。
答案1
这最终为我工作,添加-环境最后的参数解决了我的问题:
$ConnectionName = "AzureRunAsConnection"
try
{
# Get the connection "AzureRunAsConnection "
$Conn = Get-AutomationConnection -Name $ConnectionName
# Logging into Azure
Connect-AzAccount -ServicePrincipal -Tenant $Conn.TenantID -ApplicationId $Conn.ApplicationID -CertificateThumbprint $Conn.CertificateThumbprint -Environment AzureUSGovernment
Write-Output "Successfully logged in to Azure.