Azure Function EventHub Trigger Blob output with Managed Identity auth

0
votes

I am trying to create an Azure Function in JAVA that has an EventHub Trigger. Inside the payload of each event that the function receives, comes the path of a blob and moves that blob to another container in another Storage Account.

For this, I'm not using any kind of binding, just the trigger.

So far I have been able to make it work without any problem and I authenticate against the EventHub using Managed Identity and not via Connection String. However, to move the blob I do use connection String as I use the com.microsoft.azure.storage package.

Azure Storage client code snipet:

        CloudStorageAccount storageAccountDest;
        CloudBlobClient blobClientDest = null;
        CloudBlobContainer containerDest = null;

        String storageConnectionStringDest = System.getenv("AzureStorageDemoConnectionStringDest");

        storageAccountDest = CloudStorageAccount.parse(storageConnectionStringDest);
        blobClientDest = storageAccountDest.createClientCloudBlob();
        containerDest = blobClientDest.getContainerReference("<DEST-CONTAINER>");

Is there any way I can easily connect against Storage Account using Managed Identity?

Here the Function code:

import com.microsoft.azure.functions.annotation.*;
import com.microsoft.azure.functions.*;
import java.util.*;
import org.json.JSONObject;  
import org.json.JSONArray;
import com.microsoft.azure.storage.*;
import com.microsoft.azure.storage.blob.*;  
import java.io.IOException;
import java.net.URISyntaxException;
import java.security.InvalidKeyException;

/**
 * Azure Functions with Event Hub trigger.
 */
public class EventHubTriggerBlobStorageSink {
    /**
     * This function will be invoked when an event is received from Event Hub.
     */
    @FunctionName("EventHubTriggerBlobStorageSink")
    public void run(
        @EventHubTrigger(name = "message", eventHubName = "<EH-NAME>", 
        connection = "<EH-CONNECTION-STRING-MI>", consumerGroup = "$Default", cardinality = Cardinality.MANY) List<String> message,
        final ExecutionContext context)
        throws InvalidKeyException, URISyntaxException, StorageException
        {
        CloudStorageAccount storageAccountDest;
        CloudBlobClient blobClientDest = null;
        CloudBlobContainer containerDest = null;

        String storageConnectionStringDest = System.getenv("AzureStorageDemoConnectionStringDest");

        storageAccountDest = CloudStorageAccount.parse(storageConnectionStringDest);
        blobClientDest = storageAccountDest.createCloudBlobClient();
        containerDest = blobClientDest.getContainerReference("<CONTAINER-NAME>");


        message.forEach(singleMessage -> {

            /* 1. COPY BLOB INTO DEST */

          /* 2. DELETE BLOB INTO SOURCE */

        });
        
        
    }
}
1
javaazureazure-functionsazure-managed-identity

1 Answers

0
votes

Found a code snippet from this thread: Provide some Java code sample for using Managed Identity

The interesting part:

import com.azure.identity.*;
...
String endpoint = "https://<storageAccount>.blob.core.windows.net";
BlobServiceClient blobServiceClient = new BlobServiceClientBuilder()
  .endpoint(endpoint)
  .credential(new DefaultAzureCredentialBuilder().build())
  .buildClient();

Full sample app can be found here