I'm working in a Azure Gov tenant. I created an Azure Automation account so I could use it to scale down web apps on the weekend using a powershell runbook. I'm using the code below to authenticate the run as account but its failing with this error message: "Confidential Client is not supported in Cross Cloud request."
$ConnectionName = "AzureRunAsConnection"
try
{
# Get the connection "AzureRunAsConnection "
$ServicePrincipalConnection = Get-AutomationConnection -Name $ConnectionName
# Logging into Azure
Add-AzureRmAccount `
-ServicePrincipal `
-TenantId $ServicePrincipalConnection.TenantId `
-ApplicationId $ServicePrincipalConnection.ApplicationId `
-CertificateThumbprint $ServicePrincipalConnection.CertificateThumbprint
-EnvironmentName "AzureUSGovernment"
Write-Output "Successfully logged in to Azure."
}
catch
{
if (!$ServicePrincipalConnection)
{
$ErrorMessage = "Connection $ConnectionName not found."
throw $ErrorMessage
}
else
{
Write-Error -Message $_.Exception
throw $_.Exception
}
}
I tried using a different authentication command with newer powershell modules but I get the same error:
$connectionName = "AzureRunAsConnection"
$servicePrincipalConnection = Get-AutomationConnection -Name $connectionName
$logonAttempt = 0
$logonResult = $False
while(!($connectionResult) -And ($logonAttempt -le 10))
{
$LogonAttempt++
#Logging in to Azure...
$connectionResult = Connect-AzAccount `
-ServicePrincipal `
-Tenant $servicePrincipalConnection.TenantId `
-ApplicationId $servicePrincipalConnection.ApplicationId `
-CertificateThumbprint $servicePrincipalConnection.CertificateThumbprint
Start-Sleep -Seconds 30
}
Has anybody run this issue before and found a work around? I'm lost and would appreciate any help/assistance.
This ended up working for me, adding the -Environment parameter at the end solved my problem: