Hi Rajesh ,
The error means you could not connect to the Azure Instance Metadata Service endpoint, it is a REST Endpoint that is available at a well-known non-routable IP address (169.254.169.254
), MSI use it to get the token, it can be accessed only from within the Azure service e.g. web app, VM, etc. Simply put, you could not use MSI(managed identity) in local.
To use MSI get secret from the azure keyvault, follow this to deploy your application to azure web app, enable the system-assigned identity or user-assigned identity, then remove the azure.keyvault.client-key
from application.properties
, change the azure.keyvault.client-id
with the MSI's client id, add it to the access policy of the keyvault, details follow this.
if you'd like to access the Key Vault via a Managed Identity, you can deploy a VM with a system-assigned managed identity or an Azure App Service to read a secret from Azure Key Vault. For more info.
Additional Links: Azure Instance Metadata Service endpoint - Managed identity
What are managed identities for Azure resources?
Tutorial: Read a secret from Azure Key Vault in a Spring Boot application
I hope this helps! If you have any other questions, please let me know.
Please remember to "Accept Answer" if any answer/reply helped, so that others in the community facing similar issues can easily find the solutio