Open ganiths opened 2 months ago
@ganiths Can you describe the impact you're seeing as a result of this?
Based on current implementation, there is a separation that would currently prevent customization of that credential from impacting the setup of the extensions. But even if MI probing were still enabled, the system should fall back and use VisualStudioCredential
already.
@mattchenderson My local machine is currently sitting behind a proxy that requires authentication. When i try to run the application locally, i am getting 407 proxy authentication error when defaultazurecredentials tries to do managedidentity authentication. After the error, its not proceeding in checking the next set of credentials and hence am unable to run the application locally
My application was initially written using .Net6 in process function app and am currently in the process of migrating to .Net 8 isolated worker and due to this error am unable to proceed further with the migration as we cannot test the application locally
in .Net 6 in process function app, i used to disable the managed identity during webjobstartup. But an equivalent one is missing in isolated worker function app.
public class LocalDevelopmentWebJobsStartup : IWebJobsStartup
{
public void Configure(IWebJobsBuilder builder)
{
var credOptions = new DefaultAzureCredentialOptions();
// For Local devlopment, Exclude managed identity authentication from default azure credentials
// Otherwise it gives 407 Authentication required error
// Also webjobs startup is required only for local development.
var isLocalDevelopmentSetting = Environment.GetEnvironmentVariable("IsLocalDevelopment");
var isConversionSuccess = bool.TryParse(isLocalDevelopmentSetting, out bool isLocalDevelopment);
if (isConversionSuccess && isLocalDevelopment)
{
credOptions.ExcludeManagedIdentityCredential = true;
builder.Services.AddAzureClients(clientBuilder =>
{
clientBuilder.UseCredential(new DefaultAzureCredential(credOptions));
});
}
}
}
AFAIK The latest Azure Identity packages has some fixes regarding quick failure if it can't get to the MI endpoint
Description
My function app is developed using .NET 8 with isolated worker process. We have a service bus trigger function.
In my local development, i wanted to turn off managed identity based authentication and instead use either visual studio or visual studio credentials
I tried to turn off using the DI with the below code
But ServiceBus trigger is not using the above options and still tried to authenticate using managed identity credentials
Could you please let me how do we turn off Managed identity authentication for service bus trigger
The version am using for Microsoft.Azure.Functions.Worker.Extensions.ServiceBus is 5.17.0
Steps to reproduce
Refer the description