Open
Description
Describe the bug
When we run our application locally we want to use az cli authentication, but it seems like the azure.identity chooses Managed Identity, and therefore fails.
***Exception or Stack Trace***
`2023-10-06T13:45:14.859+02:00 INFO 46645 --- [ main] AbstractAzureServiceClientBuilderFactory : Will configure the default credential of type DefaultAzureCredential for class com.azure.data.appconfiguration.ConfigurationClientBuilder.
2023-10-06T13:45:15.628+02:00 ERROR 46645 --- [onPool-worker-1] c.a.i.implementation.IdentityClient : ManagedIdentityCredential authentication unavailable. Connection to IMDS endpoint cannot be established, Connect timed out.
ManagedIdentityCredential authentication unavailable. Connection to IMDS endpoint cannot be established, Connect timed out.
2023-10-06T13:45:15.632+02:00 ERROR 46645 --- [onPool-worker-1] c.a.identity.ManagedIdentityCredential : Azure Identity => ERROR in getToken() call for scopes [https://***.azconfig.io/.default]: Managed Identity authentication is not available.
2023-10-06T13:45:15.633+02:00 ERROR 46645 --- [ main] c.a.c.implementation.AccessTokenCache : {"az.sdk.message":"Failed to acquire a new access token.","exception":"Managed Identity authentication is not available."}
2023-10-06T13:45:16.946+02:00 ERROR 46645 --- [onPool-worker-1] c.a.i.implementation.IdentityClient : ManagedIdentityCredential authentication unavailable. Connection to IMDS endpoint cannot be established, Connect timed out.
ManagedIdentityCredential authentication unavailable. Connection to IMDS endpoint cannot be established, Connect timed out.
2023-10-06T13:45:16.950+02:00 ERROR 46645 --- [onPool-worker-1] c.a.identity.ManagedIdentityCredential : Azure Identity => ERROR in getToken() call for scopes [https://***.azconfig.io/.default]: Managed Identity authentication is not available.
2023-10-06T13:45:16.951+02:00 ERROR 46645 --- [ main] c.a.c.implementation.AccessTokenCache : {"az.sdk.message":"Failed to acquire a new access token.","exception":"Managed Identity authentication is not available."}
2023-10-06T13:45:18.482+02:00 ERROR 46645 --- [onPool-worker-1] c.a.i.implementation.IdentityClient : ManagedIdentityCredential authentication unavailable. Connection to IMDS endpoint cannot be established, No route to host.
ManagedIdentityCredential authentication unavailable. Connection to IMDS endpoint cannot be established, No route to host.
2023-10-06T13:45:18.483+02:00 ERROR 46645 --- [onPool-worker-1] c.a.identity.ManagedIdentityCredential : Azure Identity => ERROR in getToken() call for scopes [https://***.azconfig.io/.default]: Managed Identity authentication is not available.
2023-10-06T13:45:18.483+02:00 ERROR 46645 --- [ main] c.a.c.implementation.AccessTokenCache : {"az.sdk.message":"Failed to acquire a new access token.","exception":"Managed Identity authentication is not available."}
2023-10-06T13:45:18.484+02:00 ERROR 46645 --- [ main] com.azure.core.http.policy.RetryPolicy : {"az.sdk.message":"Retry attempts have been exhausted.","exception":"Managed Identity authentication is not available.","tryCount":2}
2023-10-06T13:45:18.485+02:00 ERROR 46645 --- [ main] com.azure.core.http.policy.RetryPolicy : Managed Identity authentication is not available.
2023-10-06T13:45:18.485+02:00 ERROR 46645 --- [ main] c.a.c.i.http.rest.RestProxyBase : Managed Identity authentication is not available.
2023-10-06T13:45:18.486+02:00 ERROR 46645 --- [ main] .i.AppConfigurationPropertySourceLocator : Fail fast is set and there was an error reading configuration from Azure App Configuration store https://***.azconfig.io.
2023-10-06T13:45:19.413+02:00 ERROR 46645 --- [ main] o.s.boot.SpringApplication : Application run failed
To Reproduce
Steps to reproduce the behavior:
Follow the quickstart guide provided by MS:
https://learn.microsoft.com/en-us/azure/azure-app-configuration/quickstart-java-spring-app?tabs=spring-boot-3
Expected behavior
A clear and concise description of what you expected to happen.
When running locally it shouldn't configure managed identity config, when it's impossible to use MI locally. (Missing cert and IDMS endpoint) It should continue in the chain, and enable a developer to use e.g. az cli authentication.
Setup (please complete the following information):
- OS: Windows and MacOSX
- IDE: IntelliJ
- Library/Libraries:
com.azure.azure-identity:1.10.0 - Java version: 17
- App Server/Environment:
- Frameworks: Spring Boot.
Information Checklist
Kindly make sure that you have added all the following information above and checkoff the required fields otherwise we will treat the issuer as an incomplete report
- Bug Description Added
- Repro Steps Added
- Setup information Added
Metadata
Metadata
Assignees
Labels
Azure.ApplicationModel.ConfigurationThis issue points to a problem in the data-plane of the library.All azure-spring related issuesIssues that are reported by GitHub users external to the Azure organization.Workflow: This issue needs the team to triage.The issue doesn't require a change to the product in order to be resolved. Most issues start as that
Type
Projects
Status
Todo