我创建了Powershell Runbook,并添加了所有必需的详细信息和有效值。我仍然面临Select-AzureRmSubscription命令的错误。我一直遇到的错误是
Select-AzureRmSubscription:请提供有效的租户或有效的订阅。
我正在Powershell Runbook中使用以下连接设置:
$connectionName = "AzureRunAsConnection"
try
{
# Get the connection "AzureRunAsConnection "
$servicePrincipalConnection=Get-AutomationConnection -Name $connectionName
"Logging in to Azure..."
Add-AzureRmAccount -ServicePrincipal -TenantId $servicePrincipalConnection.TenantId -ApplicationId
$servicePrincipalConnection.ApplicationId -CertificateThumbprint
$servicePrincipalConnection.CertificateThumbprint
}
catch {
if (!$servicePrincipalConnection)
{
$ErrorMessage = "Connection
$connectionName not found."
throw $ErrorMessage
} else{
Write-Error -Message $_.Exception
throw $_.Exception
}
}
fetch-group-memberships | Select-Object UserName, PrincipalName, GroupName, AzureGroupName |Sort-Object GroupName| Export-Csv -NoTypeInformation -Path
'MEMBERSHIP.csv'
#=======================================================================================
# Select the subscription you are going to work with
#=======================================================================================
Select-AzureRmSubscription -SubscriptionId
"[removed for security purpose]"
#Get-AzureRmSubscription -SubscriptionName "BIG" | Select-AzureRmSubscription
#=======================================================================================
# Set the Current Storage Account to the approperiate location
#=======================================================================================
Set-AzureRmCurrentStorageAccount -StorageAccountName devapacbi01 -ResourceGroupName dev-rgp-apac-01
#=======================================================================================
# Capture the file that is local to automation and save to Storage Blob
#=======================================================================================
Set-AzureStorageBlobContent -Container bi-app-carm-im -File ADGROUP_MEMBERSHIP.csv -Blob _MEMBERSHIP_AL.csv -Force
即使订阅ID是正确的,它也仍然会如上所述抛出错误。
答案 0 :(得分:2)
这意味着您无权执行此操作。您需要为用于运行本的帐户分配适当的权限
答案 1 :(得分:0)
您不需要Select-AzureRmSubscription,因为Runbook连接仅与订阅相关联。
也要使Runbook在环境设置中运行以运行脚本,我更喜欢远离Set环境命令。
删除下面的订阅行和固定行应该可以。
$storageAccount = Get-AzureRmStorageAccount -StorageAccountName devapacbi01 -ResourceGroupName dev-rgp-apac-01
Set-AzureStorageBlobContent -Container bi-app-carm-im -File ADGROUP_MEMBERSHIP.csv -Blob _MEMBERSHIP_AL.csv -Context $storageAccount.Context -Force
希望这会有所帮助。
答案 2 :(得分:0)
已解决!你们是正确的,这是仅对自动化帐户具有正确权限的问题。我们应该可以使用您的存储帐户作为贡献者。在授予自动化RunAs(您的存储帐户的贡献者)正确的权限后,它可以正常运行并成功运行。比你们所有人再次。