Lightrun Answers was designed to reduce the constant googling that comes with debugging 3rd party libraries. It collects links to all the places you might be looking at while hunting down a tough bug.
And, if you’re still stuck at the end, we’re happy to hop on a call to see how we can help out.
DefaultAzureCredentials and ChainedTokenCredential not working
See original GitHub issue- Package Name: azure-identity
- Package Version: 1.9.0
- Operating System: Linix
- Python Version: 3.6.8
Describe the bug AzureCliCredential works, but when DefaultAzureCredentials or ChainedTokenCredential are used subscription client is not able to list subscriptions
To Reproduce Azure CLI version 2.22.1 or 2.37.0
azure.identity==1.8.0 or 1.9.0
Steps to reproduce the behavior:
- Try with AzureCliCredential -
credentials = AzureCliCredential()
sub_client = SubscriptionClient(credentials,
base_url=azure_cloud.endpoints.resource_manager,
credential_scopes=[azure_cloud.endpoints.resource_manager + "/.default"])
for subscription in sub_client.subscriptions.list():
LOGGER.info("subscription: %s", subscription.display_name)
Returns subscription list.
- Try with DefaultAzureCredential as suggested by MS support -
credentials = DefaultAzureCredential(exclude_interactive_browser_credential=False)
Error seen -
EnvironmentCredential.get_token failed: EnvironmentCredential authentication unavailable. Environment variables are not fully configured.
- Try with only Azure CLI and managed identity to be included -
credentials = DefaultAzureCredential(
exclude_environment_credential=True,
exclude_managed_identity_credential=False,
exclude_visual_studio_code_credential=True,
exclude_cli_credential=False,
exclude_interactive_browser_credential=False
)
or
managed_identity = ManagedIdentityCredential()
azure_cli = AzureCliCredential()
credentials = ChainedTokenCredential(managed_identity, azure_cli)
Subscription list doesn’t return anything.
Expected behavior The following code should be able to list the subscriptions that the user or managed identity has access to.
managed_identity = ManagedIdentityCredential()
azure_cli = AzureCliCredential()
credentials = ChainedTokenCredential(managed_identity, azure_cli)
sub_client = SubscriptionClient(credentials,
base_url=azure_cloud.endpoints.resource_manager,
credential_scopes=[azure_cloud.endpoints.resource_manager + "/.default"])
for subscription in sub_client.subscriptions.list():
LOGGER.info("subscription: %s", subscription.display_name)
Issue Analytics
- State:
- Created a year ago
- Comments:7 (3 by maintainers)
Top Results From Across the Web
Top Related Medium Post
Top Related StackOverflow Question
Troubleshoot Live Code
Top Related Reddit Thread
Top Related Hackernoon Post
Top Related Tweet
Top Related Dev.to Post
Top Related Hashnode Post
I think we will go with the workaround of using azure cli first. The workstation VM had a managed identity and I think that is what was causing the issues, since I wasn’t expecting any associated with the VM.
Hi @swathi-c, since you haven’t asked that we “
/unresolve” the issue, we’ll close this out. If you believe further discussion is needed, please add a comment “/unresolve” to reopen the issue.