I am trying to use MSI to access Azure Blob Storage containers to generate shared access signature. But every time i am trying to access , i am getting following error:
`java.lang.IllegalArgumentException: Cannot create Shared Access Signature unless the Account Key credentials are used by the ServiceClient.`
I dont want to access blob storage container using credentials or AAD. Just want to use MSI, as this is the unique mode that we want to adapt in our application to access Azure resources. What this thing i am missing. I checked in my Splunk logs that MSI token is generating successfully. Below is the way i am creating the CloudBlobClient to access Blob container:
public CloudBlobClient cloudBlobClient() throws URISyntaxException {
String storageAccountName = propertyUtil.getStorageAccountName();
// Implemented some logic in AzureStorageMSICredential class to fetch access
// token, and its working correctly
String msiToken = azureStorageMSICredentials.getToken();
LOG.info("Initiating CloudBlobClient.... msitoken = " + msiToken);
StorageCredentials storageCredentials =
new StorageCredentialsToken(storageAccountName, msiToken);
URI storageAccountURI = URIUtils.getStorageAccountURI(storageAccountName);
CloudBlobClient cloudBlobClient = new CloudBlobClient(storageAccountURI,
storageCredentials);
return cloudBlobClient;
}
I searched many threads on stackoverflow, which seems dupliate of this one, but not really. Some are of 2017.