Add-AzHDInsightClusterIdentity
Adds a cluster identity to a cluster configuration object.
Syntax
Add-AzHDInsightClusterIdentity
[-Config] <AzureHDInsightConfig>
[-ObjectId] <Guid>
[-CertificateFilePath] <String>
[-CertificatePassword] <String>
[[-AadTenantId] <Guid>]
[[-ApplicationId] <Guid>]
[-DefaultProfile <IAzureContextContainer>]
[<CommonParameters>] Add-AzHDInsightClusterIdentity
[-Config] <AzureHDInsightConfig>
[-ObjectId] <Guid>
[-CertificateFileContents] <Byte[]>
[-CertificatePassword] <String>
[[-AadTenantId] <Guid>]
[[-ApplicationId] <Guid>]
[-DefaultProfile <IAzureContextContainer>]
[<CommonParameters>] Description
The Add-AzHDInsightClusterIdentity cmdlet adds a cluster identity to the Azure HDInsight configuration object created by the New-AzHDInsightClusterConfig cmdlet.
Examples
Example 1: Add Cluster Identity info to the cluster configuration object
# Primary storage account info
$storageAccountResourceGroupName = "Group"
$storageAccountResourceId = "yourstorageaccountresourceid"
$storageAccountName = "yourstorageacct001"
$storageAccountKey = (Get-AzStorageAccountKey -ResourceGroupName $storageAccountResourceGroupName -Name $storageAccountName)[0].value
$storageContainer = "container001"
# Cluster configuration info
$location = "East US 2"
$clusterResourceGroupName = "Group"
$clusterName = "your-hadoop-001"
$clusterCreds = Get-Credential
# If the cluster's resource group doesn't exist yet, run:
# New-AzResourceGroup -Name $clusterResourceGroupName -Location $location
# Cluster Identity values
$tenantId = (Get-AzContext).Tenant.TenantId
$objectId = "<Azure AD Service Principal Object ID>"
$applicationId = "<Azure AD Service Principal Application ID>"
$certificateFilePath = "<Path to Azure AD Service Principal Certificate>"
$certificatePassword = "<Password for Azure AD Service Principal Certificate>"
# Create the cluster
New-AzHDInsightClusterConfig `
| Add-AzHDInsightClusterIdentity `
-AadTenantId $tenantId `
-ObjectId $objectId `
-ApplicationId $applicationId `
-CertificateFilePath $certificateFilePath `
-CertificatePassword $certificatePassword `
| New-AzHDInsightCluster `
-ClusterType Hadoop `
-OSType Linux `
-ClusterSizeInNodes 4 `
-ResourceGroupName $clusterResourceGroupName `
-ClusterName $clusterName `
-HttpCredential $clusterCreds `
-Location $location `
-StorageAccountResourceId $storageAccountResourceId `
-StorageAccountKey $storageAccountKey `
-StorageContainer $storageAccountContainerThis command adds Cluster Identity info to the cluster named your-hadoop-001, allowing the cluster to access Azure Data Lake Store.
Parameters
-AadTenantId
Specifies the Microsoft Entra tenant ID that will be used when accessing Azure Data Lake Store.
| Type: | Guid |
| Position: | 4 |
| Default value: | None |
| Required: | False |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
-ApplicationId
The Service Principal Application Id for accessing Azure Data Lake.
| Type: | Guid |
| Position: | 5 |
| Default value: | None |
| Required: | False |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
-CertificateFileContents
Specifies file contents of the certificate that will be used when accessing Azure Data Lake Store.
| Type: | Byte[] |
| Position: | 2 |
| Default value: | None |
| Required: | True |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
-CertificateFilePath
Specifies the file path to the certificate that will be used to authenticate as the Service Principal. The cluster will use this when accessing Azure Data Lake Store.
| Type: | String |
| Position: | 2 |
| Default value: | None |
| Required: | True |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
-CertificatePassword
Specifies the password for the certificate that will be used to authenticate as the Service Principal. The cluster will use this when accessing Azure Data Lake Store.
| Type: | String |
| Position: | 3 |
| Default value: | None |
| Required: | True |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
-Config
Specifies the HDInsight cluster configuration object that this cmdlet modifies. This object is created by the New-AzHDInsightClusterConfig cmdlet.
| Type: | AzureHDInsightConfig |
| Position: | 0 |
| Default value: | None |
| Required: | True |
| Accept pipeline input: | True |
| Accept wildcard characters: | False |
-DefaultProfile
The credentials, account, tenant, and subscription used for communication with azure
| Type: | IAzureContextContainer |
| Aliases: | AzContext, AzureRmContext, AzureCredential |
| Position: | Named |
| Default value: | None |
| Required: | False |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
-ObjectId
Specifies the Microsoft Entra object ID (a GUID) of the Microsoft Entra service principal that represents the cluster. The cluster will use this when accessing Azure Data Lake Store.
| Type: | Guid |
| Position: | 1 |
| Default value: | None |
| Required: | True |
| Accept pipeline input: | True |
| Accept wildcard characters: | False |
Inputs
Outputs
Related Links
Azure PowerShell
Feedback
Coming soon: Throughout 2024 we will be phasing out GitHub Issues as the feedback mechanism for content and replacing it with a new feedback system. For more information see: https://aka.ms/ContentUserFeedback.
Submit and view feedback for