Azure 从AAD获取AppPrincipalId的OAuth令牌时出错
我正在通过模板部署(shell脚本)使用服务主体使用DataLake Store创建HDInsight 在运行部署脚本时,在Spark HDInsight cluster的初始集群创建之后,出现了以下错误 错误是:Azure 从AAD获取AppPrincipalId的OAuth令牌时出错,azure,oauth-2.0,azure-hdinsight,azure-data-lake,service-principal,Azure,Oauth 2.0,Azure Hdinsight,Azure Data Lake,Service Principal,我正在通过模板部署(shell脚本)使用服务主体使用DataLake Store创建HDInsight 在运行部署脚本时,在Spark HDInsight cluster的初始集群创建之后,出现了以下错误 错误是: At least one resource deployment operation failed. Please list deployment operations for details. Please see https://aka.ms/arm-debug for usag
At least one resource deployment operation failed. Please list deployment operations for details. Please see https://aka.ms/arm-debug for usage details. {
"status": "Failed",
"error": {
"code": "ResourceDeploymentFailure",
"message": "The resource operation completed with terminal provisioning state 'Failed'.",
"details": [
{
"code": "InvalidDocumentErrorCode",
"message": "DeploymentDocument 'AmbariConfiguration_x_x' failed the validation. Error: 'Error while getting access to the datalake storage account hdiclusterdls: Error while getting the OAuth token from AAD for AppPrincipalId xxxxxx-xxxxxx-xxxxxx-xxxxxx-xxxxxx, ResourceUri https://management.core.windows.net/, AADTenantId https://login.windows.net/xxxxxx-xxxxxx-xxxxxx-xxxxxx-xxxxxx, ClientCertificateThumbprint xxxxxx-xxxxxx-xxxxxx-xxxxxx-xxxxxx.'"
}
]
}
} Correlation ID: xxxxxx-xxxxxx-xxxxxx-xxxxxx-xxxxxx
我猜HDInsight和使用服务主体身份验证的Data Lake存储集成之间存在一些问题
非常感谢您的帮助。错误表明您为服务负责人提供的信息无效,原因可能有很多。在遇到此错误之前,了解有关您所采取步骤的更多信息会有所帮助。您可以分享一下您是如何创建服务主体和证书的吗?(不披露任何机密信息,如密码或证书内容)