我键入此cmd来授予密钥库许可,以使用我的地址的UPN(作为订阅的唯一用户)访问存储帐户,以便管理存储访问密钥:
az keyvault set-policy -n keyvault02 --upn [email protected] --storage-permissions get list delete set update regeneratekey getsas listsas deletesas setsas recover backup restore purge
但我遇到了此错误消息:
Unable to find user with upn '[email protected]'
Unable to get object id from principal name
AD许可是否存在问题(需要特定许可)或其他?
等待您的帮助
我尝试以下步骤解决。
# get user principal name(upn)
az ad user show --id {user-object-id}
# Give your user account permission to managed storage accounts
az keyvault set-policy --name {the key vault name} --upn {the user principal name} --storage-permissions get list delete set update regeneratekey getsas listsas deletesas setsas recover backup restore purge
这是doc。