Comments (7)
Hi @Gamecock. Thank you for reaching out and we regret that you're experiencing difficulties. This is normal and expected behavior, as the Functions infrastructure configures a DefaultAzureCredential
instance as part of its dependency injection. As a chained credential, DefaultAzureCredential
will try several different credential types and use the first that is available on the host environment. In this case, the attempt to use a managed identity fails, as your local host does not have an MI endpoint. More information is available in the DefaultAzureCredential documentation.
If desired, you can configure the DefaultAzureCredentialOptions
used to remove undesired credentials from the chain or switch to a more specific credential. To do so, you write a Function startup class to participate in the DI configuration. (see: Use dependency injection in .NET Azure Functions)
In your DI registration, you would use the Azure extensions to override the default credential used with one configured as you'd like. For example, configuring the options for DefaultAzureCredential
would look something like:
using Azure.Identity;
using Microsoft.Extensions.Azure;
using Microsoft.Azure.Functions.Extensions.DependencyInjection;
using Microsoft.Extensions.DependencyInjection;
[assembly: FunctionsStartup(typeof(MyNamespace.Startup))]
namespace MyNamespace;
public class Startup : FunctionsStartup
{
public override void Configure(IFunctionsHostBuilder builder)
{
builder.Services.AddAzureClients(azureBuilder =>
{
var options = new DefaultAzureCredentialOptions
{
ExcludeManagedIdentityCredential = true
};
// Configure a new credential to be used by default
// for all clients that require TokenCredential.
azureBuilder.UseCredential(new DefaultAzureCredential(options));
});
}
}
This would also allow you to create a different credential type, such as a chained credential that includes only VS and VSCode for local development scenarios.
More information and examples for configuring Azure clients in DI can be found in: Dependency injection with the Azure SDK for .NET.
from azure-sdk-for-net.
Hi @Gamecock. Thank you for opening this issue and giving us the opportunity to assist. We believe that this has been addressed. If you feel that further discussion is needed, please add a comment with the text "/unresolve" to remove the "issue-addressed" label and continue the conversation.
from azure-sdk-for-net.
Hi @Gamecock, since you haven’t asked that we /unresolve
the issue, we’ll close this out. If you believe further discussion is needed, please add a comment /unresolve
to reopen the issue.
from azure-sdk-for-net.
/unresolve
from azure-sdk-for-net.
I updated the builder as you suggested, but same error. Feels wrong that DI should throw an exception when it's working correctly. This is what the start of my DI Configuration looks like now.
` .ConfigureServices(s =>
{
// https://github.com/Azure/azure-sdk-for-net/issues/42161
s.AddAzureClients(azureBuilder =>
{
var options = new DefaultAzureCredentialOptions
{
ExcludeManagedIdentityCredential = true
};
// Configure a new credential to be used by default
// for all clients that require TokenCredential.
azureBuilder.UseCredential(new DefaultAzureCredential(options));
});`
from azure-sdk-for-net.
The error that you're seeing is from the Azure.Identity library and is how its credentials operate. The DI extensions have no influence nor control over their behavior. Opting out of managed identity will stop the managed identity credential from being used, but DefaultAzureCredential is still a chained type and will continue to probe other credentials until an available source is found. If you want to prevent errors from appearing entirely, you'd need to use the specific credential for the auth type that you'd like to use or configure logging to opt-out of gathering the Azure Identity source.
If you'd like to provide a slice of the Azure Identity logs that are being captured, then we'd be happy to take a look and advise which credentials are returning the specific errors that you are now seeing without MI enabled.
from azure-sdk-for-net.
Hi @Gamecock. Thank you for opening this issue and giving us the opportunity to assist. To help our team better understand your issue and the details of your scenario please provide a response to the question asked above or the information requested above. This will help us more accurately address your issue.
from azure-sdk-for-net.
Related Issues (20)
- [BUG] Recent commit introduced NullReferenceException in LogsQueryClient constructor HOT 6
- [BUG] SubscriptionResource.GetLocationsAsync fails with System.FormatException HOT 6
- [Schema Registry] Bump Apach.Avro dependency version
- What does MaxConcurrentCallsPerSession do? HOT 3
- Check and adjust timeouts for OpenAI HOT 1
- Validate MSAL MI API Integration (look for adoption blockers, breaking changes)
- STG 94 release prep
- Contradicting info with UploadAsync. HOT 1
- [QUERY] How to force to delete a CosmosDBSqlDatabaseResource? HOT 2
- [BUG] Azure.Provisioning KeyVault resource .. cannot set firewall rules. HOT 2
- Missing commas in the Communication Services Email SDK samples for .NET C# HOT 1
- Restore Key Vault Functionality Missing Azure SDK .NET C# HOT 2
- [BUG] TenantId may be empty string in Monitor GetActivityLogs response
- [BUG] ADLS SDK does not add Content-Length = 0 for flush requests explicitly HOT 3
- Move all provisioning libraries into respective service directories
- Decide whether to collapse Auth/ManagedIdentities into Azure.Provisioning
- [OpenAI] Update CodeGen to version 3.0.0-beta.20240329.2
- Any blocks not specified in the block list... HOT 1
- [FEATURE REQ] Support extensions in Postgres flexible HOT 1
- [FEATURE REQ] Add Method to Retrieve Analyzed Documents in DocumentIntelligence SDK HOT 1
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from azure-sdk-for-net.