Open duncan485 opened 7 months ago
@ysde I tried to keep the changes as minimal and none invasive as possible, would love to hear what you think
@ysde Can we get this reviewed and merged, because this would allow workload identity to be used, which would greatly improve security as it can work without the use of passwords.
Using the DefaultAzureCredential class, the following methods can be used to authenticate to the storage account (also see https://learn.microsoft.com/en-us/python/api/azure-identity/azure.identity.defaultazurecredential?view=azure-python):
My use case would be to use WorkloadIdentityCredential to have my AKS cronjob authenticate to azure blob storage with it's identity, so I don't have to manage the connection_string/secret