Azure功能中的凭据,是否根据需要传递一个凭据或调用?

2024-05-13 01:44:53 发布

您现在位置:Python中文网/ 问答频道 /正文
548 3

我的持久功能应用程序中存在间歇性凭据问题

ManagedIdentityCredential will use App Service managed identity

EnvironmentCredential.get_token failed: EnvironmentCredential authentication unavailable. Environment variables are not fully configured.

DefaultAzureCredential - EnvironmentCredential is unavailable

在每个活动中,我调用DefaultAzureCredential

# some activity function
from azure.identity import DefaultAzureCredential

credential = DefaultAzureCredential()

def my_func()...

在我的orchestrator中创建一个凭证,一次,并将其传递给我的活动是否更好?我还使用系统分配的标识,所以我应该使用ManagedIdentityCredential来避免DefaultAzureCredential所做的常量检查吗

from azure.identity import ManagedIdentityCredential
import azure.durable_functions as df


def orchestrator_function(context: df.DurableOrchestrationContext):
    
    # Create the credentials
    credentials = ManagedIdentityCredential()

    # Pass it to my activity instead of my activity creating its own
    activity = yield context.call_activity("my_activity", credentials)

Tags: fromimportdfmydeffunctionactivityazure
1条回答
网友
1楼 · 发布于 2024-05-13 01:44:53

Would it be better to create a credential in my orchestrator, once, and pass it around to my activities?

根据我的理解,如果您的Orchestrator function多次调用Activity function,最好在Orchestrator function中传递Credential;如果只调用一次,我认为在Activity function中创建Credential也是一样的

I am also using system assigned identity, so should I use ManagedIdentityCredential instead to avoid the constant checks DefaultAzureCredential does?

如果使用System assigned identity,则可以直接使用ManagedIdentityCredential,因为DefaultAzureCredential将检查多个标识,直到其中一个标识提供令牌为止

为了更好地理解,您可以参考此official document

enter image description here

EnvironmentCredential is unavailable是由于DefaultAzureRedential未能从EnvironmentCredential请求令牌造成的,这是预期的结果

相关问题 更多 >

    编程相关推荐