我的控制台应用程序在 Azure 规模集中的 VM 上运行,但无法使用 VMSS 托管服务标识连接到 Azure 服务总线。
当它尝试通过TokenProvider.CreateManagedServiceIdentityTokenProvider()获取访问令牌时会引发异常。
- 在虚拟机规模集 (VMSS) 上启用了标识(系统分配)。
- VMSS 标识在服务总线命名空间上分配了角色 Azure 服务总线数据所有者
是否有我遗漏的步骤或要求?
示例代码
var sbEndpoint = "sb://mysbnamespace.servicebus.windows.net/";
var sbQueueName = "myqueue";
var tokenProvider = TokenProvider.CreateManagedServiceIdentityTokenProvider();
var sendClient = new QueueClient( sbEndpoint, sbQueueName, tokenProvider );
await sendClient.SendAsync( new Message( Encoding.UTF8.GetBytes( "abc 123" )));
例外
Parameters: Connectionstring: [No connection string specified], Resource: https://servicebus.azure.net/, Authority: .
Exception Message: Tried the following 4 methods to get an access token, but none of them worked.
Parameters: Connectionstring: [No connection string specified], Resource: https://servicebus.azure.net/, Authority: .
Exception Message: Tried to get token using Managed Service Identity. Unable to connect to the Managed Service Identity (MSI) endpoint. Please check that you are running on an Azure resource that has MSI setup.
Parameters: Connectionstring: [No connection string specified], Resource: https://servicebus.azure.net/, Authority: .
Exception Message: Tried to get token using Visual Studio. Access token could not be acquired. Visual Studio Token provider file not found at "C:\Users\makr\AppData\Local\.IdentityService\AzureServiceAuth\tokenprovider.json"
Parameters: Connectionstring: [No connection string specified], Resource: https://servicebus.azure.net/, Authority: .
Exception Message: Tried to get token using Azure CLI. Access token could not be acquired. ERROR: Please run 'az login' to setup account.
Parameters: Connectionstring: [No connection string specified], Resource: https://servicebus.azure.net/, Authority: https://login.microsoftonline.com/common.
Exception Message: Tried to get token using Active Directory Integrated Authentication. Access token could not be acquired. get_user_name_failed: Failed to get user name
Inner Exception : No mapping between account names and security IDs was done
at Microsoft.Azure.ServiceBus.Core.MessageSender.<OnSendAsync>d__52.MoveNext() in C:\source\azure-service-bus-dotnet\src\Microsoft.Azure.ServiceBus\Core\MessageSender.cs:line 567
--- End of stack trace from previous location where exception was thrown ---
at System.Runtime.CompilerServices.TaskAwaiter.ThrowForNonSuccess(Task task)
at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)
at Microsoft.Azure.ServiceBus.RetryPolicy.<RunOperation>d__19.MoveNext() in C:\source\azure-service-bus-dotnet\src\Microsoft.Azure.ServiceBus\RetryPolicy.cs:line 82
--- End of stack trace from previous location where exception was thrown ---
at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw()
at Microsoft.Azure.ServiceBus.RetryPolicy.<RunOperation>d__19.MoveNext() in C:\source\azure-service-bus-dotnet\src\Microsoft.Azure.ServiceBus\RetryPolicy.cs:line 107
--- End of stack trace from previous location where exception was thrown ---
at System.Runtime.CompilerServices.TaskAwaiter.ThrowForNonSuccess(Task task)
at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)
at Microsoft.Azure.ServiceBus.Core.MessageSender.<SendAsync>d__39.MoveNext() in C:\source\azure-service-bus-dotnet\src\Microsoft.Azure.ServiceBus\Core\MessageSender.cs:line 266
--- End of stack trace from previous location where exception was thrown ---
at System.Runtime.CompilerServices.TaskAwaiter.ThrowForNonSuccess(Task task)
at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)
at System.Runtime.CompilerServices.TaskAwaiter.GetResult()
at AzureServiceBusManagedSystemIdentity.Program.<TestSbMsi>d__10.MoveNext()
======================================================
package.config (带有使 MSI 身份验证工作的 nuget)
<?xml version="1.0" encoding="utf-8"?>
<packages>
<package id="Microsoft.Azure.Amqp" version="2.4.2" targetFramework="net472" />
<package id="Microsoft.Azure.ServiceBus" version="3.4.0" targetFramework="net472" />
<package id="Microsoft.Azure.Services.AppAuthentication" version="1.0.3" targetFramework="net472" />
<package id="Microsoft.IdentityModel.Clients.ActiveDirectory" version="4.5.1" targetFramework="net472" />
<package id="Microsoft.IdentityModel.JsonWebTokens" version="5.4.0" targetFramework="net472" />
<package id="Microsoft.IdentityModel.Logging" version="5.4.0" targetFramework="net472" />
<package id="Microsoft.IdentityModel.Tokens" version="5.4.0" targetFramework="net472" />
<package id="Newtonsoft.Json" version="12.0.2" targetFramework="net472" />
<package id="System.Diagnostics.DiagnosticSource" version="4.5.1" targetFramework="net472" />
<package id="System.IdentityModel.Tokens.Jwt" version="5.4.0" targetFramework="net472" />
<package id="System.IO" version="4.3.0" targetFramework="net472" />
<package id="System.Net.WebSockets" version="4.3.0" targetFramework="net472" />
<package id="System.Net.WebSockets.Client" version="4.3.2" targetFramework="net472" />
<package id="System.Runtime" version="4.3.1" targetFramework="net472" />
<package id="System.Runtime.Serialization.Primitives" version="4.3.0" targetFramework="net472" />
<package id="System.Security.Cryptography.Algorithms" version="4.3.1" targetFramework="net472" />
<package id="System.Security.Cryptography.Encoding" version="4.3.0" targetFramework="net472" />
<package id="System.Security.Cryptography.Primitives" version="4.3.0" targetFramework="net472" />
<package id="System.Security.Cryptography.X509Certificates" version="4.3.2" targetFramework="net472" />
</packages>