From fd2a00ec4f112ebd1812c391f367dc57cd7df1f4 Mon Sep 17 00:00:00 2001 From: Charles Lowell Date: Fri, 17 Apr 2020 09:04:01 -0700 Subject: [PATCH] update test instructions --- sdk/identity/azure-identity/tests/azure-functions/readme.md | 4 ++-- .../azure-identity/tests/managed-identity-live/appservice.md | 4 ++-- sdk/identity/azure-identity/tests/managed-identity-live/vm.md | 4 ++-- sdk/identity/azure-identity/tests/pod-identity/readme.md | 2 +- 4 files changed, 7 insertions(+), 7 deletions(-) diff --git a/sdk/identity/azure-identity/tests/azure-functions/readme.md b/sdk/identity/azure-identity/tests/azure-functions/readme.md index 1e73a78608cb..5e9481832075 100644 --- a/sdk/identity/azure-identity/tests/azure-functions/readme.md +++ b/sdk/identity/azure-identity/tests/azure-functions/readme.md @@ -94,7 +94,7 @@ Allow the system-assigned identity to access the Key Vault: ```sh az keyvault set-policy -n $KEY_VAULT_NAME \ --object-id $(az functionapp identity show -g $RESOURCE_GROUP -n $FUNCTION_APP_SYSTEM_ASSIGNED --query principalId -o tsv) \ - --secret-permissions set delete + --secret-permissions list ``` @@ -108,7 +108,7 @@ Allow it to access the Key Vault: ```sh az keyvault set-policy -n $KEY_VAULT_NAME \ --object-id $(az identity show -g $RESOURCE_GROUP -n $MANAGED_IDENTITY_NAME --query principalId -o tsv) \ - --secret-permissions set delete + --secret-permissions list ``` diff --git a/sdk/identity/azure-identity/tests/managed-identity-live/appservice.md b/sdk/identity/azure-identity/tests/managed-identity-live/appservice.md index e7144247f6c0..9ac6684abc31 100644 --- a/sdk/identity/azure-identity/tests/managed-identity-live/appservice.md +++ b/sdk/identity/azure-identity/tests/managed-identity-live/appservice.md @@ -88,7 +88,7 @@ Allow the system-assigned identity to access the Key Vault: ```sh az keyvault set-policy -n $KEY_VAULT_NAME -g $RESOURCE_GROUP \ --object-id $(az webapp show -n $WEB_APP_SYSTEM_ASSIGNED -g $RESOURCE_GROUP --query identity.principalId -o tsv) \ - --secret-permissions set delete + --secret-permissions list ``` ### Managed identity @@ -103,7 +103,7 @@ Allow it to access the Key Vault: ```sh az keyvault set-policy -n $KEY_VAULT_NAME \ --object-id $(az identity show -g $RESOURCE_GROUP -n $MANAGED_IDENTITY_NAME --query principalId -o tsv) \ - --secret-permissions set delete + --secret-permissions list ``` ### Web app: user-assigned identity diff --git a/sdk/identity/azure-identity/tests/managed-identity-live/vm.md b/sdk/identity/azure-identity/tests/managed-identity-live/vm.md index 8186c2e4d145..32bc473a1151 100644 --- a/sdk/identity/azure-identity/tests/managed-identity-live/vm.md +++ b/sdk/identity/azure-identity/tests/managed-identity-live/vm.md @@ -82,14 +82,14 @@ Allow the VM with system-assigned identity to access the Key Vault's secrets: ```sh az keyvault set-policy -n $KEY_VAULT_NAME \ --object-id $(az vm show -n $VM_NAME_SYSTEM_ASSIGNED -g $RESOURCE_GROUP --query identity.principalId -o tsv) \ - --secret-permissions set delete + --secret-permissions list ``` Do the same for the user-assigned identity: ```sh az keyvault set-policy -n $KEY_VAULT_NAME \ --object-id $(az identity show -g $RESOURCE_GROUP -n $MANAGED_IDENTITY_NAME --query principalId -o tsv) \ - --secret-permissions set delete + --secret-permissions list ``` # Install dependencies diff --git a/sdk/identity/azure-identity/tests/pod-identity/readme.md b/sdk/identity/azure-identity/tests/pod-identity/readme.md index 3263698c4f10..bcfd697905ca 100644 --- a/sdk/identity/azure-identity/tests/pod-identity/readme.md +++ b/sdk/identity/azure-identity/tests/pod-identity/readme.md @@ -69,7 +69,7 @@ az keyvault create -g $RESOURCE_GROUP -n $KEY_VAULT_NAME --sku standard Add an access policy for the managed identity: ```sh -az keyvault set-policy -n $KEY_VAULT_NAME --object-id $MANAGED_IDENTITY_PRINCIPAL_ID --secret-permissions set delete +az keyvault set-policy -n $KEY_VAULT_NAME --object-id $MANAGED_IDENTITY_PRINCIPAL_ID --secret-permissions list ``` ### container registry