我有许多B2B和B2C Azure Active Directory实例.如何为KeyVault分配一个? [英] I have many B2B and B2C Azure Active Directory instances. How do I assign one to KeyVault?
问题描述
我使用了以下powershell命令来创建Azure Key Vault:
I used the following powershell commands to create an Azure Key Vault:
//https://docs.microsoft.com/en-us/azure/key-vault/key-vault-get-started
Login-AzureRmAccount –Environment (Get-AzureRmEnvironment –Name AzureCloud)
set-azureRMContext -SubscriptionId ( Get-AzureRmSubscription -SubscriptionName "Visual Studio Enterprise").SubscriptionId
// Register-AzureRmResourceProvider -ProviderNamespace "Microsoft.KeyVault" (if error occurs in subscription)
New-AzureRmResourceGroup –Name "VaVaultRG" –Location 'SouthCentralUS'
New-AzureRmKeyVault -VaultName "VaVault" -ResourceGroupName "VaVaultRG" -Location 'SouthCentralUS'
此处的说明告诉我如何将Web应用程序链接到KeyVault.这可以利用(两者都可以... ...可以吗?)Azure AD B2C/B2B
The instructions here tell me how to link a web application to KeyVault. This leverages (both? ... either??) Azure AD B2C / B2B
- 如何使我的KeyVault与特定目录相关联?
推荐答案
默认情况下,密钥保管库与预订中关联的Azure AD关联.如果要切换Azure AD租户,可以在此处找到准则:
A Key Vault is associated with the Azure AD associated in the subscription where it was created by default. If you want to switch the Azure AD tenant, you can find guidelines here: https://docs.microsoft.com/en-us/azure/key-vault/key-vault-subscription-move-fix
其中的示例PowerShell脚本:
The example PowerShell script there:
$vaultResourceId = (Get-AzureRmKeyVault -VaultName myvault).ResourceId
$vault = Get-AzureRmResource –ResourceId $vaultResourceId -ExpandProperties
$vault.Properties.TenantId = (Get-AzureRmContext).Tenant.TenantId
$vault.Properties.AccessPolicies = @()
Set-AzureRmResource -ResourceId $vaultResourceId -Properties $vault.Properties
此处,TenantId切换到当前处于活动状态的那个. (Get-AzureRmContext).Tenant.TenantId返回租户的GUID.
Here the TenantId is switched to the one which is currently active. (Get-AzureRmContext).Tenant.TenantId returns the GUID for the tenant.
这篇关于我有许多B2B和B2C Azure Active Directory实例.如何为KeyVault分配一个?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
