Sign in with Azure CLI 各种方法总结

    #region Sign in with Azure CLI 各种方法总结
    # https://docs.microsoft.com/en-us/cli/azure/authenticate-azure-cli
   
    #region ok 1) 使用aad user 登录 portal
    # 1) - 1 >> OK 使用网页认证画面登录
    # az login
    # >> You have logged into Microsoft Azure!
    # >> You can close this window, or we will redirect you to the Azure CLI documents in 10 seconds.
   
    # 1) - 2 >> OK 使用hard code 用户名密码登录
    # $curLoginUserName = "xxxx@zzz.hotmail.onmicrosoft.com"
    # $curLoginPsw = "yyyyy"
    # $AzCred = New-Object System.Management.Automation.PSCredential($curLoginUserName, $(ConvertTo-SecureString $curLoginPsw -AsPlainText -Force))
    # az login -u $AzCred.UserName -p $AzCred.GetNetworkCredential().Password
    #endregion ok 1) 使用aad user 登录 portal

    #region OK 2) 使用 service principal 登录 portal
    # Service principals are accounts not tied to any particular user, which can have permissions on them assigned through pre-defined roles.
    # Authenticating with a service principal is the best way to write secure scripts or programs,
    # allowing you to apply both permissions restrictions and locally stored static credential information
    # az login --service-principal -u <app-url> -p <password-or-cert> --tenant <tenant>
    # code start ↓↓↓↓↓↓↓↓↓↓↓↓↓↓↓↓↓↓↓↓↓↓
    # OutInfoLog "Sign in with a service principal."
    # $Application_ID_URI = "http://servicePrincipal1-for-aks-cluster1"
    # $servicePrincipal1_password = "xxxxxxxxxxxxxxxxxxxxxxx"
    # az login --service-principal -u  $Application_ID_URI -p $servicePrincipal1_password --tenant "xxx-yyy-zzz-eee-xxx"

    # OutInfoLog "az group list."
    # # 可以取得具有权限的资源列表
    # az group list
    # # 因为当前spn只有acrpull/acrpush权限,所以无法获得acr信息.赋予reader权限后,可以取得acr信息
    # az acr list -o table
    # code start ↑↑↑↑↑↑↑↑↑↑↑↑↑↑↑↑↑↑↑↑↑↑
    #endregion OK 2) 使用 service principal 登录 portal

    #region OK 3) 使用 acr Access keys 登录 acr
    # 3) - 1 >> OK 使用 acr Access keys 登录acr
    # $acr_access_key_RegistryName = "hakuACRB1"
    # $acr_access_key_Username = "hakuACRB1"
    # $acr_access_key_LoginServer = "hakuacrb1.azurecr.io"
    # $acr_access_key_Password1 = "xxxxxxxxxx"
    # $acr_access_key_Password2 = "yyyyyyyyyy"
    # $acr_access_key_Password1 | docker login $acr_access_key_LoginServer -u $acr_access_key_Username --password-stdin

    # 3) - 2 >> NG > 尝试使用acr login infor 登录portal(而不是登录acr)
    # The user name might be invalid. For cross-check, try 'az login' to authenticate through browser.
    # $AzCred = New-Object System.Management.Automation.PSCredential($acr_access_key_Username, $(ConvertTo-SecureString $acr_access_key_Password1 -AsPlainText -Force))
    # az login -u $AzCred.UserName -p $AzCred.GetNetworkCredential().Password
    #endregion OK 3) 使用 acr Access keys 登录 acr

    #endregion Sign in with Azure CLI 各种方法总结