Giter VIP home page Giter VIP logo

Comments (2)

mlhickey avatar mlhickey commented on July 19, 2024

Have to ask: does the -ManagedIdentity switch not work in this scenario?

from microsoft365dsc.

MarcoJanse avatar MarcoJanse commented on July 19, 2024

Thank you for the suggestion @mlhickey.

As far as I know, the -ManagedIdentity switch can be used on a self-hosted runner is the managed identity is assigned to the VM. This is a Microsoft hosted runner, where I have configured the service connection to use Workload Identity federation to use a managed identity for authentication.

I have tested this technique in two different pipelines. Both use an AzurePowerShell@5 task to connect to Azure in which I refer my ServiceConnection as input. The Managed identity has read permissions on my Azure subscription and can connect successfully to Azure.

In my first pipeline, I try Connect-MgGraph with the -Identity parameter and this gives the following error:

##[error]Failed to connect to Microsoft Graph: ManagedIdentityCredential authentication unavailable. The requested identity has not been assigned to this resource.

If I use the Connect-MgGraph with both the -Identity and -ClientId parameter with the Client ID of the managed identity, I get exactly the same error.

However in my second pipeline I use the -AccessToken technique for authentication and that works:

$accessToken = Get-AzAccessToken -ResourceType MSGraph -AsSecureString
Connect-MgGraph -AccessToken $accessToken.Token

After that, I can successfully query resources using graph cmdlets.

But trying to use the same technique with the -AccessTokens parameter for the Export-M365DSCConfiguration is failing with the above errors.

from microsoft365dsc.

Related Issues (20)

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. 📊📈🎉

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google ❤️ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.