通过传递凭据来验证ARM模板 [英] Hoe to validate ARM template by passing credentials

问题描述

我的ARM模板运行正常. 我需要通过传递凭据来认证我的ARM模板. 查看日志后，我可以看到以下条目

My ARM template is running fine. I need to authenticate my ARM template by passing credentials. When I have gone through logs I can see below entries

[debug] 00000-000000-00000-00000-000000000 auth param serviceprincipalid = ******** [debug] 00000-000000-00000-00000-000000000 auth param serviceprincipalkey = ********

[debug]00000-000000-00000-00000-000000000 auth param serviceprincipalid = ******** [debug]00000-000000-00000-00000-000000000 auth param serviceprincipalkey = ********

此服务主体ID和服务主体密钥是什么? 我没有在ARM模板中传递这些值. 我试图弄清楚这些值是从哪里获取的，这些值在加密时是什么.

What is this Service Principal Id and Service Principal Key? I am not passing these values in ARM template. I am trying to figure out where these values are fetched and what is these values as values are encrypted.

我们可以显式传递这些值并验证ARM模板吗?

Can we explicitly pass these values and validate ARM template.

推荐答案

服务主体ID来自Azure Active Directory中保存的应用程序

The service principal id comes from applications held within your Azure Active Directory this documentation from Octopus Deploy is good at giving you a simple overview of how to create one of these.

此外，请注意该文章底部的部分，该部分向您展示如何设置此权限.这一点非常重要，因为您的服务负责人需要访问您的Azure CRUD资源订阅.

Also, note the section at the bottom of that article which shows you how to set this permissions. This bit is really important as your Service Principal needs access to your Azure subscription to CRUD resources.

关于利用依赖于所使用的CI/CD平台的服务主体.本质上，部署手臂模板的步骤需要作为服务主体运行.大多数平台都有记录到文档的连接到Azure的方式

As for utilising the service principal that depends on which CI/CD platform you are using. Essentially the step which deploys the arm template needs run as the service principal. Most platforms will have a documented way of connecting to Azure

希望有帮助.

这篇关于通过传递凭据来验证ARM模板的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！