stackoom
  简体   繁体   中英

Azure sdk Iot Storage without account key same environment in agent

 原文  2023-01-30 11:15:02       java/ azure/ azure-blob-storage/ azure-storage/ azure-storage-files

Question

I have the code from below that works fine. My service and the storage are in the same environment in agent. Is there a way to write the credentials without having to provide a key, hence they are in the same environment in agent?

StorageSharedKeyCredential credential = 
new StorageSharedKeyCredential(accountName, **accountKey**);

BlobServiceClient blobServiceClient = new BlobServiceClientBuilder()
           .endpoint(endpoint)
           .credential(credential)
           .buildClient();

1 answers

solution1
 1  2023-02-01 06:26:33

Is there a way to write the credentials without having to provide a key?

To avoid key credential, I agree with @NotFound that you can use Tokencredential with the DefaultAzureCredential method.

You need to assign RBAC roles to your storage account for accessing blob storage through identity, The roles are:-

  • Storage-blob-data-contributor(or)
  • Storage-blob-data-owner

Go to portal -> storage accounts -> Access Control (IAM) ->Add -> Add role assignments -> storage-blob-contributor or storage-blob-owner role to the storage account.

Portal:

在此处输入图像描述

I tried with sample code to upload a file from the local path to azure blob storage using identity it uploaded successfully.

Code:

import com.azure.storage.blob.*;
import com.azure.core.credential.TokenCredential;
import com.azure.identity.*;


public class App 
{
    public static void main( String[] args )
    {
       TokenCredential credential = new DefaultAzureCredentialBuilder().build();
       BlobServiceClient blobServiceClient = new BlobServiceClientBuilder()
            .endpoint("https://<storage account name>.blob.core.windows.net/")
            .credential(credential)
            .buildClient();
            String  containerName = "test";
        BlobContainerClient  containerClient = blobServiceClient.getBlobContainerClient(containerName);
        String  localPath = "<your local path >";
        BlobClient  blobClient = containerClient.getBlobClient("file.json");
        System.out.println("\nUploading to Blob storage as blob:\n\t" + blobClient.getBlobUrl());
        blobClient.uploadFromFile(localPath);  
        System.out.println("Uploaded!!!");  
    }
}

Console:在此处输入图像描述

Portal:

在此处输入图像描述

暂无
暂无

The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.

Related Question Azure Python SDK retrieve Key Vault secret for storage account How to generate SAS token in azure JS SDK, from app client, without using account key Testing Azure Blob Storage SDK In Azure, can a public key vault manage access keys of a private storage account? Read pdf file from storage account (Azure Data lake) without downloading it using python Is it possible to upload files to Azure Storage Account using the REST API without passing headers? Change Azure Storage Account TLS versions Azure Storage - Reason BlobInventoryPolicy is not supported for the account How to get "Total number of messages on the IoT Hub exceeded the allocated quota" message from Azure iot sdk c Azure Storage Account - Tracking the SAS consumption
Related Tags
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM