英文:
No "Access Control IAM" option when trying to assign a role in Azure portal
问题
我试图遵循此指南设置 BYOS 的快照调试器:
它指出我应该在存储帐户的访问控制(IAM)页面上,向名为 Diagnostic Services Trusted Storage Access 的 Azure Active Directory(Azure AD)应用程序授予“Storage Blob Data Contributor”角色。
在搜索名为“Diagnostic Services Trusted Storage Access”的资源时,我发现它是一个服务主体,并且没有“Access Control (IAM)”选项来分配角色。我需要采取什么措施才能看到该选项呢?
英文:
I am trying to follow this guide when trying to setup snapsot debugger for a BYOS:
It states I should "Grant the Storage Blob Data Contributor role to the Azure Active Directory (Azure AD) application named Diagnostic Services Trusted Storage Access via the Access Control (IAM) page in your storage account."
When searched for a resource called "Diagnostic Services Trusted Storage Access", what I found is a service principal and it doesn't have the option of "Access Control (IAM)" to assign the role.
Do I need to do something in order to have that option?
答案1
得分: 0
> 将 Storage Blob Data Contributor 角色授予名为 "Diagnostic Services Trusted Storage Access" 的 Azure Active Directory (Azure AD) 应用程序,通过存储帐户的访问控制 (IAM) 页面进行。
这意味着你需要在存储帐户的访问控制 (IAM) 页面中,为 "Diagnostic Services Trusted Storage Access" 服务主体分配角色。
进入 Azure 门户 -> 存储帐户 -> 你的存储帐户 -> 访问控制 (IAM) -> 添加角色分配
选择 Roles
部分下的 Storage Blob Data Contributor,然后点击下一步,如下图所示:
现在,点击 Select members
,搜索 "Diagnostic Services Trusted Storage Access" 服务主体,选择它,如下图所示:
选择服务主体后,点击 Review+assign
授予角色,如下图所示:
你可以通过检查存储帐户的角色分配来进行 确认,方法如下图所示:
英文:
> Grant the Storage Blob Data Contributor role to the Azure Active
> Directory (Azure AD) application named Diagnostic Services Trusted
> Storage Access via the Access Control (IAM) page in your storage
> account
This means you need to assign role to "Diagnostic Services Trusted Storage Access" service principal in Access Control (IAM) page of your storage account.
Go to Azure Portal -> Storage Accounts -> Your Storage account -> Access Control (IAM) -> Add role assignment
Select Storage Blob Data Contributor under Roles
section and click on Next like below:
Now, click on Select members
and search for "Diagnostic Services Trusted Storage Access" service principal, select it like below:
After selecting the service principal, click on Review+assign
to grant the role like below:
You can confirm it by checking role assignments of your storage account like this:
通过集体智慧和协作来改善编程学习和解决问题的方式。致力于成为全球开发者共同参与的知识库,让每个人都能够通过互相帮助和分享经验来进步。
评论