我想以编程方式启动和停止虚拟机实例,如果可能的话,有人可以给我如何获取这两个值的分步指南:
AZURE_CLIENT_ID
AZURE_CLIENT_SECRET
通过 azure cli 或 Azure dev ops 门户创建都可以,我只是不明白为什么这个过程没有记录或有些直观。
我无法在任何地方参考执行此操作的过程。
我见过这个:
Attempted credentials:
EnvironmentCredential: invalid tenantID. You can locate your tenantID by following the instructions listed here: https://learn.microsoft.com/partner-center/find-ids-and-domain-names
WorkloadIdentityCredential: no token file specified. Check pod configuration or set TokenFilePath in the options
ManagedIdentityCredential: managed identity timed out. See https://aka.ms/azsdk/go/identity/troubleshoot#dac for more information
AzureCLICredential: Azure CLI not found on path
AzureDeveloperCLICredential: Azure Developer CLI not found on path
exit status 1
但据我所知,我已从我的 Azure 门户订阅中提供了正确的 TenantId?
我能做到的最好的是:
RESPONSE 403: 403 Forbidden
ERROR CODE: AuthorizationFailed
--------------------------------------------------------------------------------
{
"error": {
"code": "AuthorizationFailed",
"message": "The client '...' with object id '...' does not have authorization to perform action 'Microsoft.Compute/virtualMachines/start/action' over scope '/subscriptions/.../resourceGroups/.../providers/Microsoft.Compute/virtualMachines...' or the scope is invalid. If access was recently granted, please refresh your credentials."
}
}
为了获取 AZURE_CLIENT_ID 和 AZURE_CLIENT_SECRET 基本上您需要执行以下步骤:
在
Microsoft Entra ID
中创建 Azure Active Directory 应用程序:
MS EntraID
。App registrations
,然后单击 New registration
。生成客户端密钥:
Certificates & secrets
。Client secrets
部分下,单击 new client secret
。生成的客户端密钥是您的 AZURE_CLIENT_SECRET