检索凭据时，Key Vault + Function App 403被禁止 [英] Key Vault + Function App 403 forbidden when retrieving credentials

问题描述

按照

As per the example at https://blog.kloud.com.au/2017/09/19/enabling-and-using-managed-service-identity-to-access-an-azure-key-vault-with-azure-powershell-functions/ I've created a Managed Service Identity, a Function App, and set up a Key Vault to store credentials.

Unfortunately, no matter what I've I tried, I can't seem to get past a 403 forbidden message resulting when executing:

$authenticationResult = Invoke-RestMethod -Method Get -Headers $header -Uri ($endpoint +'?resource=' +$vaultTokenURI)

从授予访问权限到应用程序功能简单的GET权限，到授予完全的权限而没有任何更改. 

任何人都可以提出其他可能与该博客文章示例场景不同的其他因素的建议，例如查询字符串中的API版本，缺少其他一些设置步骤吗?

---

基思·托米| Twitter: @itgroove_keith |博客: http://yalla.itgroove.net

请点击提议作为答案"如果帖子解决了问题或投票为有帮助的"，

I've gone from granting simple GET permissions on the Access Policy to the function App, to granting full permissions, with no change. 

Would anyone be able to suggest some other factor that might be different from that blog posts example scenario e.g. API version in the querystring, some other setup step missing?

---

Keith Tuomi | Twitter: @itgroove_keith | Blog: http://yalla.itgroove.net

Please click "Propose As Answer" if a post solves the problem or "Vote As Helpful" if a post has been useful to you.

推荐答案

我遇到了完全相同的问题.我应该支持从Slot BTW进行即时通话.

Ive got the exact same problem. Im calling from a Slot BTW, should be supported.

这篇关于检索凭据时，Key Vault + Function App 403被禁止的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！