在AAD应用程序注册中显示与托管服务标识服务主体相关联的应用程序 [英] Surface the application associated to a Managed Service Identity service principal in AAD app registrations
问题描述
我在Azure中拥有一个服务主体,该主体是在为我的Azure资产之一启用托管服务身份时创建的.我想使用门户中的应用程序注册"区域向此SP授予权限(我知道我可以使用Get-AzureRmADApplication也看不到. >
我可以使用powershell或REST API进行某种更改以使与MSI服务主体相关联的应用程序显示在该区域吗? 如果启用MSI,它将自动创建服务主体. 服务主体有一个关联的应用程序,其guid在AAD刀片服务器的企业应用程序"部分中可见 在 但是该应用程序ID在应用程序注册"部分中不可见,并且Get-AzureRmADApplication也看不到它. 如果创建应用程序注册,它还将在企业应用程序中创建服务主体.但是,如果启用MSI,则不会有AD应用程序(应用程序注册).您无法使 有关应用程序注册和服务主体的更多详细信息,请参阅此New-AzureADServiceAppRoleAssignment, but I'd like to create an application in this case). The Service Principal has an associated application whose guid is visible in the Enterprise Applications section of the AAD blade, but that application id isn't visible in the app registrations section and Can I use powershell or the REST API to somehow change make the application associated with the MSI's service principal show up in this area? If you enable the MSI, it will create a service principal automatically. The Service Principal has an associated application whose guid is visible in the Enterprise Applications section of the AAD blade What you have seen in the but that application id isn't visible in the app registrations section and Get-AzureRmADApplication doesn't see it either. If you create app registration, it will also create a service principal in the Enterprise Applications. But if you enable MSI, there will not be an AD app(app registration). You could not make the For more details about App registration and Service principal, refer to this link. 这篇关于在AAD应用程序注册中显示与托管服务标识服务主体相关联的应用程序的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
Enterprise Applications中看到的内容也称为service principal.您可以理解企业应用程序等于服务主体.
Enterprise Application(服务主体)显示在App registration中.另外,在授予AD应用程序权限时,它实际上是将权限授予服务主体. Get-AzureRmADApplication doesn't see it either.
Enterprise Applications is also called service principal. You could understand that the Enterprise Application equals service principal.
Enterprise Application(service principal) show up in the App registration. Also, when you granting permission to an AD app, it essentially grants the permission to the service principal.
