Welcome to the Microsoft Q&A Platform. Thank you for reaching out, and I hope you are doing well.
From your comments I understand the Python application hosted in Azure VM trying to Access storage is getting error.
To configure Managed Identity to connect to Azure Storage, you can follow these steps:
- Grant the Managed Identity Access to the Storage Account: In your storage account, select Access Control (IAM). Click Add and select add role assignment. Search for storage blob data Owner(necessary permission as required) , select it, and click Next.
- On the Members’ tab, under Assign access to, choose Managed Identity. Select Member a blade will open in Azure Portal on your right side.
- On that blade select the correct subscription, Resource and from the Button Select and Click Next
- On Review+Sign at the buttom Review + Assign
Now Login to that VM and install Python. Generally, python gets installed in this location C:\Users<username>\AppData\Local\Programs\Python\Python312 Install the Following required Module a) py -m pip install azure-storage-blob b) py -m pip install azure-identity 6 Use the following snippet, save the script in c:\temp test.py extension and run C:/Users/<username>/AppData/Local/Programs/Python/Python312/python.exe c:/temp/tet.py
from azure.storage.blob import BlobServiceClient from azure.identity import ManagedIdentityCredential # Create a credential using ManagedIdentityCredential creds = ManagedIdentityCredential() # Create a BlobServiceClient using the credential blob_service_client = BlobServiceClient(account_url="https://<storage Account>.blob.core.windows.net/", credential=creds) # List all containers in the storage account containers = blob_service_client.list_containers() for container in containers: print(container.name)
While writing this, I have considered that the network of that storage account doesn't have any firewall/VNet/private endpoint and is open. If there are any specifics in that case, you will need additional configuration based on the scenario. Also, ensure that you have provided adequate permissions for listing.
Hope this helps.