[英]Authenticating Azure Storage with system assigned Identity from Azure Functions
我想使用來自 Azure 函數的系統分配標識來驗證和讀取存儲帳戶。 我得到了 .NET 的以下代碼。 我在 Java 中尋找等效代碼。 提前致謝。
public static class Function1
{
[FunctionName("WebHook-Func")]
public static async Task<IActionResult> Run(
[HttpTrigger(AuthorizationLevel.Function, "get", "post", Route = null)] HttpRequest req,
ILogger log)
{
log.LogInformation("C# HTTP trigger function processed a request.");
var azureServiceTokenProvider = new AzureServiceTokenProvider();
string accessToken = await azureServiceTokenProvider.GetAccessTokenAsync("https://storage.azure.com/");
TokenCredential creds = new TokenCredential(accessToken);
log.LogInformation($"Token: {accessToken}");
StorageCredentials storageCreds = new StorageCredentials(creds);
try
{
CloudBlobClient client = new CloudBlobClient(new StorageUri(new Uri("https://<storageAccount>.blob.core.windows.net")), storageCreds);
CloudBlobContainer container = client.GetContainerReference("fltd");
CloudBlockBlob blob = container.GetBlockBlobReference("shopping.txt");
string content = await blob.DownloadTextAsync();
return (ActionResult)new OkObjectResult($"File contents: {content}");
}catch(Exception ex)
{
return new BadRequestObjectResult($"Exception when calling web hook: {ex.StackTrace} {ex.Message}");
}
}
}
如果要使用系統分配的身份訪問 Azure function 中的 Azure blob,請參考以下步驟
在存儲帳戶級別為 MSI 分配角色(存儲 Blob 數據參與者)
Sdk
<dependency>
<groupId>com.microsoft.azure</groupId>
<artifactId>azure-client-authentication</artifactId>
<version>1.7.5</version>
</dependency>
<dependency>
<groupId>com.microsoft.azure</groupId>
<artifactId>azure-storage</artifactId>
<version>8.6.5</version>
</dependency>
public HttpResponseMessage run(@HttpTrigger(name = "req",methods = {HttpMethod.GET, HttpMethod.POST},authLevel = AuthorizationLevel.ANONYMOUS) HttpRequestMessage<Optional<String>> request, ExecutionContext context) throws URISyntaxException, StorageException, IOException {
context.getLogger().info("Java HTTP trigger processed a request.");
AppServiceMSICredentials msiCredentials = new AppServiceMSICredentials(AzureEnvironment.AZURE);
String token = msiCredentials.getToken("https://storage.azure.com/");
context.getLogger().info("000000000000" + token);
String accountName = "jimtestdiag924";
StorageCredentialsToken credentials = new StorageCredentialsToken(accountName, token);
CloudStorageAccount account = new CloudStorageAccount(credentials, true);
CloudBlobClient client = account.createCloudBlobClient();
CloudBlobContainer container = client.getContainerReference("testupload");
CloudBlockBlob blob = container.getBlockBlobReference("hello.txt");
String content = blob.downloadText();
return request.createResponseBuilder(HttpStatus.OK).body("The file content :" + content).build();
}
Hadoop Azure:在應用服務計划 (Azure Functions) 中使用 MSI 對存儲帳戶進行身份驗證時出現問題
[英]Hadoop Azure: Issue when authenticating storage account using MSI in App Service Plan (Azure Functions)
使用 Azure 目錄進行身份驗證並從數據庫中獲取有效的用戶角色
[英]Authenticating With Azure Directory and Fetch the Valid User Roles From Database
如何使用 java 文件系統 sdk 從 azure 存儲中重命名或復制文件
[英]How to rename or copy file from azure storage using java file system sdk
無法從 Azure 存儲帳戶中刪除 blob - Azure Function (Java)
[英]Not able to delete blob from Azure storage Account - Azure Function (Java)
mvn azure-functions:deploy 創建“無效的存儲帳戶名稱”
[英]mvn azure-functions:deploy creates 'not valid storage account name'
聲明:本站的技術帖子網頁,遵循CC BY-SA 4.0協議,如果您需要轉載,請注明本站網址或者原文地址。任何問題請咨詢:yoyou2525@163.com.