在 Azure 门户中尝试分配角色时,没有“访问控制 IAM”选项。

huangapple go评论62阅读模式
英文:

No "Access Control IAM" option when trying to assign a role in Azure portal

问题

我试图遵循此指南设置 BYOS 的快照调试器:

它指出我应该在存储帐户的访问控制(IAM)页面上,向名为 Diagnostic Services Trusted Storage Access 的 Azure Active Directory(Azure AD)应用程序授予“Storage Blob Data Contributor”角色。

在搜索名为“Diagnostic Services Trusted Storage Access”的资源时,我发现它是一个服务主体,并且没有“Access Control (IAM)”选项来分配角色。我需要采取什么措施才能看到该选项呢?

英文:

I am trying to follow this guide when trying to setup snapsot debugger for a BYOS:

https://learn.microsoft.com/en-us/azure/azure-monitor/profiler/profiler-bring-your-own-storage?tabs=azure-cli

It states I should "Grant the Storage Blob Data Contributor role to the Azure Active Directory (Azure AD) application named Diagnostic Services Trusted Storage Access via the Access Control (IAM) page in your storage account."

When searched for a resource called "Diagnostic Services Trusted Storage Access", what I found is a service principal and it doesn't have the option of "Access Control (IAM)" to assign the role.

Do I need to do something in order to have that option?

答案1

得分: 0

> 将 Storage Blob Data Contributor 角色授予名为 "Diagnostic Services Trusted Storage Access" 的 Azure Active Directory (Azure AD) 应用程序,通过存储帐户的访问控制 (IAM) 页面进行。

这意味着你需要在存储帐户的访问控制 (IAM) 页面中,为 "Diagnostic Services Trusted Storage Access" 服务主体分配角色。

进入 Azure 门户 -> 存储帐户 -> 你的存储帐户 -> 访问控制 (IAM) -> 添加角色分配

选择 Roles 部分下的 Storage Blob Data Contributor,然后点击下一步,如下图所示:

现在,点击 Select members,搜索 "Diagnostic Services Trusted Storage Access" 服务主体,选择它,如下图所示:

选择服务主体后,点击 Review+assign 授予角色,如下图所示:

你可以通过检查存储帐户的角色分配来进行 确认,方法如下图所示:

英文:

> Grant the Storage Blob Data Contributor role to the Azure Active
> Directory (Azure AD) application named Diagnostic Services Trusted
> Storage Access via the Access Control (IAM) page in your storage
> account

This means you need to assign role to "Diagnostic Services Trusted Storage Access" service principal in Access Control (IAM) page of your storage account.

Go to Azure Portal -> Storage Accounts -> Your Storage account -> Access Control (IAM) -> Add role assignment

在 Azure 门户中尝试分配角色时,没有“访问控制 IAM”选项。

Select Storage Blob Data Contributor under Roles section and click on Next like below:

在 Azure 门户中尝试分配角色时,没有“访问控制 IAM”选项。

Now, click on Select members and search for "Diagnostic Services Trusted Storage Access" service principal, select it like below:

在 Azure 门户中尝试分配角色时,没有“访问控制 IAM”选项。

After selecting the service principal, click on Review+assign to grant the role like below:

在 Azure 门户中尝试分配角色时,没有“访问控制 IAM”选项。

You can confirm it by checking role assignments of your storage account like this:

在 Azure 门户中尝试分配角色时,没有“访问控制 IAM”选项。

huangapple
  • 本文由 发表于 2023年5月7日 16:47:45
  • 转载请务必保留本文链接:https://go.coder-hub.com/76192944.html
匿名

发表评论

匿名网友

:?: :razz: :sad: :evil: :!: :smile: :oops: :grin: :eek: :shock: :???: :cool: :lol: :mad: :twisted: :roll: :wink: :idea: :arrow: :neutral: :cry: :mrgreen:

确定