[BUG] Issues with EventHub Logger configured using System Assigned Managed Identity
Release version
v4.5.0
Describe the bug
We have configured the event hub logger for APIM using the system-assigned identity. While running the Publisher to the Dev environment, it fails with the exception below on the EH logger. I was not able to find any reference in the documentation about Event Hub setup using a system identity; the wiki and a few other issues reported on the logger discussed a logger configured using the connectionString.
exception log:
System.Net.Http.HttpRequestException: HTTP request to URI https://management.azure.com/subscriptions/***/resourceGroups/**-int-dv-apim-rg/providers/Microsoft.ApiManagement/service/**-int-dv-apim/loggers/apim-dv-eventhub-logger?api-version=2022-04-01-preview failed with status code 400. Content is '{"error":{"code":"ValidationError","message":"One or more fields contain incorrect values:","details":[{"code":"ValidationError","target":"One or more Properties ['{0}'] specified are missing.","message":"64c7d150fb42680fe*******"}]}}'.
We noticed, when the extractor ran, that the extracted json for the logger (loggerInformation.json) only contains the following, and is missing the other properties within the credentials block.
```json
{
  "properties": {
    "credentials": {
      "name": "i**-mgmt-pr-evh-02"
    },
    "description": "adding a new logger with system assigned managed identity",
    "isBuffered": true,
    "loggerType": "azureEventHub"
  }
}
```
With the above extracted json, we noticed the publisher to dev was failing because the connectionString property was missing; we did not use a connection string to set up the logger, since it was using the system identity. I tried to update the logger JSON as below by adding the endpoint and identityClientId (a generated named value for the logger), but it failed with the error mentioned in the exception log above.
loggerInformation_manual_update.json
```json
{
  "properties": {
    "credentials": {
      "identityClientId": "{{64c7d150fb42680**********}}",
      "name": "***-mgmt-pr-evh-02",
      "endpointAddress": "***-mgmt-pr-evhns.servicebus.windows.net/***-mgmt-pr-evh-02"
    },
    "description": "adding a new logger with system assigned managed identity",
    "isBuffered": true,
    "loggerType": "azureEventHub"
  }
}
```
Documentation referred to for setting up the EH logger using the system identity: https://learn.microsoft.com/en-us/azure/api-management/api-management-howto-log-event-hubs?tabs=PowerShell#logger-with-system-assigned-managed-identity-credentials
Expected behavior
We expect the publisher to the dev environment not to fail while pushing the changes back to the Dev environment and eventually to higher environments.
Actual behavior
System.Net.Http.HttpRequestException: HTTP request to URI https://management.azure.com/subscriptions/***/resourceGroups/gi-int-dv-apim-rg/providers/Microsoft.ApiManagement/service/gi-int-dv-apim/loggers/apim-dv-eventhub-logger?api-version=2022-04-01-preview failed with status code 400. Content is '{"error":{"code":"ValidationError","message":"One or more fields contain incorrect values:","details":[{"code":"ValidationError","target":"One or more Properties ['{0}'] specified are missing.","message":"64c7d150fb42680fe4*****"}]}}'.
Reproduction Steps
- EH logger added using the system identity, following the steps here: https://learn.microsoft.com/en-us/azure/api-management/api-management-howto-log-event-hubs?tabs=PowerShell#logger-with-system-assigned-managed-identity-credentials
- Ran the extractor and publisher jobs. The publisher used the json file loggerInformation.json and failed on the missing connectionstring property.
- Manually updated loggerInformation.json (see the loggerInformation_manual_update.json block above); with this config the publisher failed with the exception provided above.
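The incomplete credentials block in the extracted artifact only surfaces when the publisher calls the management API. A pre-publish lint step that checks the credentials shape of an azureEventHub logger catches it earlier. Added example (not code from the original issue or from the apiops project); it assumes the two credential shapes the issue discusses, a connectionString or an endpointAddress plus identityClientId, and embeds a constructed copy of the extracted json from above as sample input.

```python
"""Lint an extracted APIM loggerInformation.json before the publisher runs.

Added example, not part of the apiops project. Assumption: an azureEventHub
logger needs either credentials.connectionString or both
credentials.endpointAddress and credentials.identityClientId.
"""
import json

# Constructed copy of the extracted loggerInformation.json from the issue.
EXTRACTED_LOGGER = """{
  "properties": {
    "credentials": { "name": "i**-mgmt-pr-evh-02" },
    "description": "adding a new logger with system assigned managed identity",
    "isBuffered": true,
    "loggerType": "azureEventHub"
  }
}"""


def check_event_hub_logger(document: str) -> list[str]:
    """Return a list of problems; an empty list means the block is complete."""
    props = json.loads(document).get("properties", {})
    problems: list[str] = []
    if props.get("loggerType") != "azureEventHub":
        return problems  # only Event Hub loggers are checked here
    creds = props.get("credentials", {})
    if "connectionString" in creds:
        return problems  # connection-string shape, nothing more to check
    for key in ("endpointAddress", "identityClientId"):
        if key not in creds:
            problems.append(f"credentials.{key} is missing")
    # A {{named-value}} reference cannot be resolved offline; flag it so the
    # reviewer confirms the named value is deployed before the logger.
    client_id = str(creds.get("identityClientId", ""))
    if client_id.startswith("{{") and client_id.endswith("}}"):
        problems.append(
            f"identityClientId references named value {client_id}; "
            "confirm it exists in the target instance")
    if not problems and "name" not in creds:
        problems.append("credentials.name is missing")
    return problems


if __name__ == "__main__":
    for problem in check_event_hub_logger(EXTRACTED_LOGGER):
        print(problem)
```

Run it against each extracted loggerInformation.json in the artifacts folder and fail the pipeline on a non-empty result.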
Top GitHub Comments
@Mohid-A - I don’t think we’ve tested this scenario specifically (Event Hubs with managed identities). I’ll test tomorrow and respond.
@guythetechie I tried the suggested approach; it still resulted in failure. I have set the logging levels to DEBUG and still see no information about the root cause of the internal server error.
Here's the updated loggerInformation.json I tried on the publish-to-dev job; I also tried removing the logger name and id in the subsequent runs.
Exception logs
Also, for your testing, did you create the logger as mentioned here? https://learn.microsoft.com/en-us/azure/api-management/api-management-howto-log-event-hubs?tabs=PowerShell#logger-with-system-assigned-managed-identity-credentials