Azure Storage table with AD identity and Powershell

Ted 191 Reputation points
2022-11-17T16:10:15.237+00:00

Hello all,

I can't find what is missing in my code/setup to retrieve data from a Storage Account Table using Powershell and Azure AD Service Principals.

I have a Storage Account I will name mystorageaccount
In that Storage Account, a Table named MyTable1
I have a Service Principal that I use in my automation to access the Azure environment. It has Contributor RBAC on the Management Group level and Storage Table Data Reader RBAC on the Storage Account.
Reading and changing configuration in Azure works fine with that Service Principal, so the authentication works. However, when trying to read data from the Azure Table, it sees the table but, not the data in it.

No error, just an empty response when using "Get-AzTableRow".
If I use the Access Key of the Storage Account, Get-AzTableRow retrieves the data successfully. 

$psCred = New-Object System.Management.Automation.PSCredential($applicationId, $applicationSecret)  
$context = Connect-AzAccount -ServicePrincipal -Credential $psCred -Tenant $tenantId  
  
$ctx = New-AzStorageContext -UseConnectedAccount -TableEndpoint  "https://mystorageaccount.table.core.windows.net/"  
  
$storageTable = Get-AzStorageTable -Context $ctx –Name "MyTable1"   
$Cloudtable = $storageTable.CloudTable  
$data = Get-AzTableRow -table $storageTable.CloudTable

How can I get the data from my Table with a Service Principal if this code above is not correct?

Thank you in advance,
Teddy

Azure Table Storage
Azure Table Storage
An Azure service that stores structured NoSQL data in the cloud.
156 questions
Azure Storage Accounts
Azure Storage Accounts
Globally unique resources that provide access to data management services and serve as the parent namespace for the services.
2,686 questions

1 answer

Sort by: Most helpful
Most helpful Newest Oldest
  1. SaiKishor-MSFT 17,181 Reputation points
    2022-11-23T16:35:25.893+00:00

    @Ted Please refer to this document that talks about the acceptable authorization for Azure Table- https://learn.microsoft.com/en-us/azure/storage/tables/table-storage-how-to-use-powershell

    "The AzTable PowerShell module supports authorization with the account access key via Shared Key authorization. The examples in this article show how to authorize table data operations via Shared Key.

    Azure Table Storage supports authorization with Azure AD. However, the AzTable PowerShell module does not natively support authorization with Azure AD. Using Azure AD with the AzTable module requires that you call methods in the .NET client library from PowerShell."

    Hope this helps.
    Please let us know if you have any more questions and we will be glad to assist you further. Thank you!

    Remember:

    Please accept an answer if correct. Original posters help the community find answers faster by identifying the correct answer. Here is how.

    Want a reminder to come back and check responses? Here is how to subscribe to a notification.

    0 comments