I am running the code below locally, which tries to save data to an encrypted column in an Azure SQL DB table.
I am using Visual Studio 2019, and the Azure Service Authentication account has been configured. This account has all the necessary permissions to access the key vault.
Am I missing anything?
Error
Azure.Identity.CredentialUnavailableException
HResult=0x80131500
Message=ManagedIdentityCredential authentication unavailable. No Managed Identity endpoint found.
Source=Azure.Identity
StackTrace:
at Azure.Identity.ManagedIdentityClient.<AuthenticateAsync>d__12.MoveNext()
at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw()
at System.Runtime.CompilerServices.TaskAwaiter.ThrowForNonSuccess(Task task)
at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)
at System.Runtime.CompilerServices.TaskAwaiter.ValidateEnd(Task task)
at System.Threading.Tasks.ValueTask`1.get_Result()
at System.Runtime.CompilerServices.ConfiguredValueTaskAwaitable`1.ConfiguredValueTaskAwaiter.GetResult()
at Azure.Identity.ManagedIdentityCredential.<GetTokenImplAsync>d__9.MoveNext()
at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw()
at Azure.Identity.CredentialDiagnosticScope.FailWrapAndThrow(Exception ex)
at Azure.Identity.ManagedIdentityCredential.<GetTokenImplAsync>d__9.MoveNext()
at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw()
at System.Runtime.CompilerServices.TaskAwaiter.ThrowForNonSuccess(Task task)
at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)
at System.Runtime.CompilerServices.TaskAwaiter.ValidateEnd(Task task)
at System.Threading.Tasks.ValueTask`1.get_Result()
at System.Runtime.CompilerServices.ValueTaskAwaiter`1.GetResult()
at Azure.Core.Pipeline.TaskExtensions.EnsureCompleted[T](ValueTask`1 task)
at Azure.Identity.ManagedIdentityCredential.GetToken(TokenRequestContext requestContext, CancellationToken cancellationToken)
at GoPassOrg.BL.DbContext.GoPassOrgDbContext.<>c.<AzureActiveDirectoryAuthenticationCallback>b__6_0() in C:\Data\GitRepos\GoPassOrg\src\GoPassOrg.BL\DbContext\GoPassOrgDbContext.cs:line 59
at System.Threading.Tasks.Task`1.InnerInvoke()
at System.Threading.ExecutionContext.RunFromThreadPoolDispatchLoop(Thread threadPoolThread, ExecutionContext executionContext, ContextCallback callback, Object state)
This exception was originally thrown at this call stack:
[External Code]
GoPassOrg.BL.DbContext.GoPassOrgDbContext.AzureActiveDirectoryAuthenticationCallback.AnonymousMethod__6_0() in GoPassOrgDbContext.cs
[External Code]
Code
public MyDbContext(DbContextOptions<MyDbContext> options) : base()
{
    // Register the Key Vault key store provider only once per process
    if (!_isInitialized)
    {
        InitializeAzureKeyVaultProvider();
        _isInitialized = true;
    }
}

private static void InitializeAzureKeyVaultProvider()
{
    var sqlColumnEncryptionAzureKeyVaultProvider =
        new SqlColumnEncryptionAzureKeyVaultProvider(AzureActiveDirectoryAuthenticationCallback);

    // Register AKV provider
    SqlConnection.RegisterColumnEncryptionKeyStoreProviders(
        new Dictionary<string, SqlColumnEncryptionKeyStoreProvider>(1, StringComparer.OrdinalIgnoreCase)
        {
            { SqlColumnEncryptionAzureKeyVaultProvider.ProviderName, sqlColumnEncryptionAzureKeyVaultProvider }
        });
    _isInitialized = true;
}

// Token callback invoked by the AKV provider; it requests a Key Vault token through managed identity only
private static async Task<string> AzureActiveDirectoryAuthenticationCallback(string authority, string resource, string scope)
{
    return await Task.Run(() => new ManagedIdentityCredential()
        .GetToken(new TokenRequestContext(new string[] { "https://vault.azure.net/.default" })).Token);
}
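
The exception above is raised by ManagedIdentityCredential, which needs a managed identity endpoint that only exists on an Azure-hosted resource, not on a local workstation. The following is an added example, not code from the original post: a token callback that tries managed identity first and falls back to the Visual Studio sign-in. The class name KeyVaultTokenCallback is hypothetical, and the code assumes an Azure.Identity version that ships VisualStudioCredential.

```csharp
using System;
using System.Threading;
using System.Threading.Tasks;
using Azure.Core;
using Azure.Identity;

// Hypothetical helper (name is an assumption, not from the original post).
public static class KeyVaultTokenCallback
{
    // Scope used in the original post.
    private static readonly string[] KeyVaultScopes = { "https://vault.azure.net/.default" };

    // Order matters: managed identity is tried first, so a deployed app never
    // depends on a developer login. ChainedTokenCredential moves to the next
    // entry only when the current one throws CredentialUnavailableException,
    // which is exactly what ManagedIdentityCredential throws locally.
    // One shared instance, so the credential objects are not rebuilt per call.
    private static readonly TokenCredential Credential = new ChainedTokenCredential(
        new ManagedIdentityCredential(),
        new VisualStudioCredential());

    // Matches the (authority, resource, scope) => Task<string> shape that the
    // post passes to SqlColumnEncryptionAzureKeyVaultProvider.
    public static async Task<string> GetTokenAsync(string authority, string resource, string scope)
    {
        try
        {
            AccessToken token = await Credential
                .GetTokenAsync(new TokenRequestContext(KeyVaultScopes), CancellationToken.None)
                .ConfigureAwait(false);
            return token.Token;
        }
        catch (CredentialUnavailableException ex)
        {
            // Every credential in the chain was unavailable: no managed identity
            // endpoint and no Visual Studio account signed in.
            throw new InvalidOperationException(
                "No Key Vault credential available (managed identity and Visual Studio sign-in both failed).", ex);
        }
    }
}

// Registration, using the provider type from the post:
//   new SqlColumnEncryptionAzureKeyVaultProvider(KeyVaultTokenCallback.GetTokenAsync);
```

The account signed in under Visual Studio's Azure Service Authentication settings still needs the key permissions on the vault that the column master key operations require.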