Hello @Harishga ,
We have similar problem in our team.
We have Synapse Pipeline with Spark Job Definition
We used SPN to read data from ADLS2 and write to kusto with Spark Kusto Connector and token from SPN
We used to save SPN credentials into AKV
We have urgent requirement to move away from SPN completely.
I have been trying to use UAMI for the past few days but seems impossible
please could you suggest us a design for our purpose
Hadoop Connection:
fs.azure.account.auth.type: "OAuth"
fs.azure.account.oauth.provider.type:"org.apache.hadoop.fs.azurebfs.oauth2.ClientCredsTokenProvider"
fs.azure.account.oauth2.client.id: $app.id
fs.azure.account.oauth2.client.secret: $app.secret
fs.azure.account.oauth2.client.endpoint: $client.endpoint
Kusto Spark Connector
df.write .format("com.microsoft.kusto.spark.datasource") .option(KustoSinkOptions.KUSTO_CLUSTER, cluster) .option(KustoSinkOptions.KUSTO_DATABASE, database) .option(KustoSinkOptions.KUSTO_TABLE, tableName) .option(KustoSinkOptions.KUSTO_ACCESS_TOKEN, token)
.mode(SaveMode.Append) .save()
I tried to use fs.azure.account.oauth.provider.type: org.apache.hadoop.fs.azurebfs.oauth2.MsiTokenProvider and MSI Client Id but it failed (Connection socket timeout, so can't get a token)
I tried to use a custom TokenProvider using DefaultAzureCredentialBuilder but it failed as well
I tried to generate a token using DefaultAzureCredentialBuilder and pass it to Kusto Connector but it failed
Please can you help us into our design update