I'm creating a runbook with Azure Automation and using the cmdlets
$connection = Get-AutomationConnection -Name $Name
The connection is linked to a certificate that has a key. How do I provide a key with this connection cmdlet?
Add-AzureRmAccount -ServicePrincipal `
-EnvironmentName "AzureUSGovernment" `
-Tenant $connection.TenantID `
-ApplicationId $connection.ApplicationID `
-CertificateThumbprint $connection.CertificateThumbprint `
-ErrorAction Stop `
|Out-Null
Error:
AADSTS70002: Error validating credentials. AADSTS50012: Client assertion contains an invalid signature. [Reason - The key was not found., Thumbprint of key used by client: 'xxx', Please visit 'https://developer.microsoft.com/en-us/graph/graph-explorer' and query for 'https://graph.microsoft.com/beta/applications/8a09f2d7-8415-4296-92b2-80bb4666c5fc' to see configured keys] Trace ID: adfa5f5d-aaf2-4657-9e5f-1966ad540600 Correlation ID: 68f34f9b-b773-46ed-993e-e06ead5dd6b4 Timestamp: 2018-08-10 02:58:01Z
If you want to log in with a service principal, you need to create an authentication key to do it. If you create an automation account, it will create an AD app and service principal automatically; for more details, refer to this post.
Besides, when you are getting the SubscriptionId, TenantId, ApplicationId, CertificateThumbprint via the command $connection = Get-AutomationConnection -Name $Name, you should specify it with $connection.FieldDefinitionValues.xxxxx, like -Tenant $connection.FieldDefinitionValues.TenantID. So your command should be: