Azure : deploymentScripts和第三方应用程序标识错误

Question

我尝试执行存储静态网站fonctionnality激活的当前ARM模板：

        {
            "type": "Microsoft.Resources/deploymentScripts",
            "apiVersion": "2019-10-01-preview",
            "name": "[variables('scriptName')]",
            "location": "[variables('regionName')]",
            // "kind": "AzurePowerShell",
            "kind": "AzureCLI",
            "dependsOn": [
                "[resourceId('Microsoft.Storage/storageAccounts', variables('storage'))]"
            ],
            "identity": {
                "type": "userAssigned",
                "userAssignedIdentities": {
                    "/subscriptions/<MySubscription>/resourcegroups/<MyResourceGroup>/providers/Microsoft.ManagedIdentity/userAssignedIdentities/<MyIdentityID>": {}
                }
            },
            "properties": {
                "forceUpdateTag": "[parameters('utcNow')]",
                "storageAccountSettings": {
                    "storageAccountName": "[variables('storage')]",
                    "storageAccountKey": "[listKeys(variables('storage'), '2019-04-01').keys[0].value]"
                },
                // "azPowerShellVersion": "3.0",
                "azCliVersion": "2.5.0",
                "scriptContent": "[concat('az storage blob service-properties update --account-name ', variables('storage'), ' --static-website --index-document index.html')]",
                "timeout": "PT2M",
                "cleanupPreference": "OnSuccess",
                "retentionInterval": "PT1H"
            }
        },

为此，我创建了一个新的托管标识，并将Contributor角色影响到资源组的此标识。但是，在创建deploymentScripts资源期间，它在很长一段时间内停留在“部署”模式下，然后由于此错误而失败：

Exceeded maximum wait time of '00:05:00'. Message: 'First-party app identity has not become effective yet.'. (Code: DeploymentScriptOperationFailed)

我跟踪本指南获取身份ID，所以我非常肯定本指南是正确的。

Answer 1

在与来自Microsoft的软件工程师进行了一些讨论之后，我似乎不得不等待托管标识在Azure上内部复制到多个服务器上，这样我的脚本才能找到身份才能正确执行。

我手动创建了托管标识，等待了1天，然后脚本正常运行。