Azure Identity => ERROR in getToken() call for scopes [https://database.windows.net//.default] #40067
Labels
Azure.Identity
Client
This issue points to a problem in the data-plane of the library.
customer-reported
Issues that are reported by GitHub users external to the Azure organization.
needs-team-attention
This issue needs attention from Azure service team or SDK team
question
The issue doesn't require a change to the product in order to be resolved. Most issues start as that
Query/Question
Hello ,
I have my java spring boot application running on azure aks and i want to connect the azure sql bd to application via user assigned managed identity for achieving that i have enabled WordkloadIdentity on aks cluster and i added the below pom maven dependencies :
com.azure
azure-identity
1.3.3
com.microsoft.sqlserver
mssql-jdbc
12.6.0.jre11
I am using the below JDBC URL in my application.yaml
URL = jdbc-url: jdbc:sqlserver://test.database.windows.net:1433;databaseName=test-db;encrypt=true;trustServerCertificate=false;hostNameInCertificate=*.database.windows.net;loginTimeout=30;authentication=ActiveDirectoryManagedIdentity;
and i am getting the below error :
INFO [-,,,] 7 --- [ost-startStop-1] c.netflix.config.DynamicPropertyFactory : DynamicPropertyFactory is initialized with configuration sources: com.netflix.config.ConcurrentCompositeConfiguration@17772efd
2024-05-06T17:15:30.886680097Z 2024-05-06 13:15:30.885 INFO [-,,,] 7 --- [ost-startStop-1] com.zaxxer.hikari.HikariDataSource : HikariPool-1 - Starting...
2024-05-06T17:15:32.550691266Z 2024-05-06 13:15:32.543 ERROR [-,,,] 7 --- [ost-startStop-1] c.a.i.implementation.IdentityClient : ### ManagedIdentityCredential authentication unavailable. Connection to IMDS endpoint cannot be established.
2024-05-06T17:15:32.564517243Z 2024-05-06 13:15:32.564 ERROR [-,,,] 7 --- [ost-startStop-1] c.a.identity.ManagedIdentityCredential : Azure Identity => ERROR in getToken() call for scopes [https://database.windows.net//.default]: ManagedIdentityCredential authentication unavailable. Connection to IMDS endpoint cannot be established.
2024-05-06T17:15:33.575927570Z 2024-05-06 13:15:33.574 ERROR [-,,,] 7 --- [ost-startStop-1] com.zaxxer.hikari.pool.HikariPool : HikariPool-1 - Exception during pool initialization.
2024-05-06T17:15:33.575961571Z
2024-05-06T17:15:33.575968871Z com.azure.identity.CredentialUnavailableException: ManagedIdentityCredential authentication unavailable. Connection to IMDS endpoint cannot be established.
2024-05-06T17:15:33.575975571Z at com.azure.identity.implementation.IdentityClient.lambda$authenticateToIMDSEndpoint$48(IdentityClient.java:1145)
2024-05-06T17:15:33.575982071Z at reactor.core.publisher.MonoCallable.subscribe(MonoCallable.java:57)
2024-05-06T17:15:33.575987671Z at reactor.core.publisher.MonoLiftFuseable.subscribe(MonoLiftFuseable.java:56)
2024-05-06T17:15:33.575993971Z at reactor.core.publisher.MonoFlatMap$FlatMapMain.onNext(MonoFlatMap.java:150)
2024-05-06T17:15:33.575999871Z at org.springframework.cloud.sleuth.instrument.reactor.ScopePassingSpanSubscriber.onNext(ScopeP
assingSpanSubscriber.java:81)
2024-05-06T17:15:33.576007271Z at org.springframework.cloud.sleuth.instrument.reactor.LazySpanSubscriber.onNext(LazySpanSubscriber.java:52)
2024-05-06T17:15:33.576013971Z at reactor.core.publisher.Operators$MonoSubscriber.complete(Operators.java:1083)
2024-05-06T17:15:33.576019571Z at reactor.core.publisher.MonoCallable.subscribe(MonoCallable.java:62)
2024-05-06T17:15:33.576025272Z at reactor.core.publisher.MonoLiftFuseable.subscribe(MonoLiftFuseable.java:56)
2024-05-06T17:15:33.576030972Z at reactor.core.publisher.MonoFlatMap.subscribe(MonoFlatMap.java:60)
2024-05-06T17:15:33.576036672Z at reactor.core.publisher.MonoLiftFuseable.subscribe(MonoLiftFuseable.java:56)
2024-05-06T17:15:33.576042872Z at reactor.core.publisher.MonoPeekTerminal.subscribe(MonoPeekTerminal.java:61)
2024-05-06T17:15:33.576048772Z at reactor.core.publisher.MonoLiftFuseable.subscribe(MonoLiftFuseable.java:56)
2024-05-06T17:15:33.576054472Z at reactor.core.publisher.MonoPeekFuseable.subscribe(MonoPeekFuseable.java:74)
2024-05-06T17:15:33.576060972Z at reactor.core.publisher.MonoLiftFuseable.subscribe(MonoLiftFuseable.java:56)
2024-05-06T17:15:33.576067172Z at reactor.core.publisher.MonoPeekFuseable.subscribe(MonoPeekFuseable.java:74)
2024-05-06T17:15:33.576072772Z at reactor.core.publisher.MonoLiftFuseable.subscribe(MonoLiftFuseable.java:56)
2024-05-06T17:15:33.576078372Z at reactor.core.publisher.Mono.blockOptional(Mono.java:1219)
2024-05-06T17:15:33.576084772Z at com.microsoft.sqlserver.jdbc.SQLServerSecurityUtility.getManagedIdentityCredAuthToken(SQLServerSecurityUtility.java:353)
2024-05-06T17:15:33.576090372Z at com.microsoft.sqlserver.jdbc.SQLServerConnection.getFedAuthToken(SQLServerConnection.java:6014)
2024-05-06T17:15:33.576095972Z at
Can someone help me on this.
The text was updated successfully, but these errors were encountered: