You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: articles/automation/troubleshoot/managed-identity.md
+9-13Lines changed: 9 additions & 13 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -11,34 +11,30 @@ ms.topic: troubleshooting
11
11
12
12
This article discusses solutions to problems that you might encounter when you use a managed identity with your Automation account. For general information about using managed identity with Automation accounts, see [Azure Automation account authentication overview](../automation-security-overview.md#managed-identities).
13
13
14
-
## Scenario: When you use a Managed Identity in a Runbook, it cannot authenticate against Azure.
14
+
## Scenario: Use a Managed Identity in a Runbook and it cannot authenticate against Azure
15
15
16
16
### Issue
17
17
When using a Managed Identity in your runbook, you receive an error as:
18
18
`connect-azaccount : ManagedIdentityCredential authentication failed: Failed to get MSI token for account d94c0db6-5540-438c-9eb3-aa20e02e1226 and resource https://management.core.windows.net/. Status: 500 (Internal Server Error)`
19
19
20
20
### Cause
21
21
22
-
This can happen either when:
22
+
This can happen either when:
23
23
24
-
**Cause 1**
25
-
When you use the Automation account System Managed Identity, which has not yet been created and the `Code Connect-AzAccount -Identity` tries to authenticate to Azure and run a runbook in Azure or on a Hybrid Runbook Worker.
24
+
-**Cause 1**: You use the Automation account System Managed Identity, which has not yet been created and the `Code Connect-AzAccount -Identity`, tries to authenticate to Azure and run a runbook in Azure or on a Hybrid Runbook Worker.
26
25
27
-
**Cause 2**
28
-
When the Automation account has a User managed identity assigned and not a System Managed Identity and the - `Code Connect-AzAccount -Identity` tries to authenticate to Azure and run a runbook on an Azure virtual machine Hybrid Runbook Worker using the Azure VM System Managed Identity.
26
+
-**Cause 2**: The Automation account has a User managed identity assigned and not a System Managed Identity and the - `Code Connect-AzAccount -Identity`, tries to authenticate to Azure and run a runbook on an Azure virtual machine Hybrid Runbook Worker using the Azure VM System Managed Identity.
29
27
30
28
31
29
### Resolution
32
30
33
-
**Resolution 1**
34
-
You must create the Automation Account System Managed Identity and grant it access to the Azure Resources.
31
+
-**Resolution 1**: You must create the Automation Account System Managed Identity and grant it access to the Azure Resources.
35
32
36
-
**Resolution 2**
37
-
As appropriate for your requirements, you can:
33
+
-**Resolution 2**: As appropriate for your requirements, you can:
38
34
39
-
- Create the Automation Account System Managed Identity and use it to authenticate.
40
-
Or
41
-
- Delete the Automation Account User Assigned Managed Identity.
35
+
- Create the Automation Account System Managed Identity and use it to authenticate.
36
+
Or
37
+
- Delete the Automation Account User Assigned Managed Identity.
42
38
43
39
44
40
## Scenario: Runbook fails with "this.Client.SubscriptionId cannot be null." error message
0 commit comments