[Azure Key Vault]将访问策略添加到在另一个租户中创建的Azure AD应用程序中. [英] [Azure Key Vault] Add access policy to Azure AD application created in another tenant.

问题描述

在 ABC 租户中创建了Azure密钥保管库 AZK1 .

Created the Azure Key Vault AZK1 in ABC tenant.

在 ABC 租户中创建了Azure AD应用 ABC_KV_APP 并能够添加 AZK1 成功访问 ABC_KV_APP 应用程序的访问策略.

Created the Azure AD App ABC_KV_APP in ABC tenant and able to add AZK1 Access policy to ABC_KV_APP App successfully.

在中创建了Azure AD APP XYZ_KV_APP XYZ 租户已启用为多租户 APP.有了这个，当我试图添加 AZK1 对 XYZ_KV_APP的访问策略，在本机中找不到该应用程序.

Created Azure AD APP XYZ_KV_APP in XYZ tenant enabled as multi-tenant APP. With this When I am trying to Add AZK1 access policy to XYZ_KV_APP, Application is not discoverable in the principal.

这是我的其他 XYZ 租户的多租户应用程序的运行方式 XYZ_KV_APP 可以在 ABC 租户的 AZK1 Azure密钥保管库的添加访问策略主体并提供相应的权限吗?

Here how my other XYZ tenant's multi-tenant app XYZ_KV_APP can be discoverable in ABC tenant's AZK1 Azure key vault's adding access policy principal and provide respective permissions?

 

推荐答案

No as per my understanding this is not possible and if you register an application in a directory other than the default directory where Azure Key Vault resides then you cannot authorize that application to use your key vault. The application must be in the default directory where the key vault is created.

这篇关于[Azure Key Vault]将访问策略添加到在另一个租户中创建的Azure AD应用程序中.的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！