Connecting Java Azure Web app to storage account via Private link

John Jacko 21 Reputation points
2021-11-27T19:51:09.61+00:00

I have a Java Spring boot Application that I wish to connect to an Azure Storage account through a private link. The app in question is connected to a Virtual Network called "trecappstestvn" and there is a private link available to the storage account connected to the same virtual network (though a different subnet).

153066-storage-private-link.png

When editing the "STORAGE_ACCOUNT_ENDPOINT" Variable for my app, I tried using "https://trecappstest.privatelink.blob.core.windows.net" and "10.0.14" as values.

At this point, I should probably explain my Spring Boot app. It uses Gradle as a dependency manager and as of right now it uses

implementation 'com.azure.spring:azure-spring-boot-starter-storage:+'  

to connect to the storage account. Here is the Bean method I wrote to set up a BlobServiceClient

@Configuration  
public class Beans {  
  
    @Value("${azure.storage.blob-endpoint}")  
    String endpoint;  
  
    @Value("${azure.storage.account-name}")  
    String accountName;  
  
    @Value("${azure.storage.account-key}")  
    String accountKey;  
  
    @Bean  
    public BlobServiceClient getBlobServiceClient() {  
  
        BlobServiceClientBuilder builder = new BlobServiceClientBuilder();  
        return builder.credential(new StorageSharedKeyCredential(accountName, accountKey)).  
                endpoint(endpoint).buildClient();  
    }  
}  

Here is a full Message of the Application Insights Log that tells me that this isn't working:

Exception encountered during context initialization - cancelling refresh attempt: org.springframework.beans.factory.UnsatisfiedDependencyException: Error creating bean with name 'fileController': Unsatisfied dependency expressed through field 'fileService'; nested exception is org.springframework.beans.factory.UnsatisfiedDependencyException: Error creating bean with name 'fileService': Unsatisfied dependency expressed through field 'storageRepo'; nested exception is org.springframework.beans.factory.UnsatisfiedDependencyException: Error creating bean with name 'storageRepo' defined in URL [jar:file:/local/site/wwwroot/app.jar!/BOOT-INF/classes!/com/trecapps/internal/storage/repos/StorageRepo.class]: Unsatisfied dependency expressed through constructor parameter 0; nested exception is org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'getBlobServiceClient' defined in class path resource [com/trecapps/internal/storage/config/Beans.class]: Bean instantiation via factory method failed; nested exception is org.springframework.beans.BeanInstantiationException: Failed to instantiate [com.azure.storage.blob.BlobServiceClient]: Factory method 'getBlobServiceClient' threw exception; nested exception is java.lang.IllegalArgumentException: The Azure Storage endpoint url is malformed.

In short, the "Azure Storage endpoint is malformed".

What should I do to get this to work?

Azure Storage Accounts
Azure Storage Accounts
Globally unique resources that provide access to data management services and serve as the parent namespace for the services.
2,533 questions
Azure Private Link
Azure Private Link
An Azure service that provides private connectivity from a virtual network to Azure platform as a service, customer-owned, or Microsoft partner services.
436 questions
Azure App Service
Azure App Service
Azure App Service is a service used to create and deploy scalable, mission-critical web apps.
6,522 questions
0 comments No comments
{count} votes

1 answer

Sort by: Most helpful
  1. John Jacko 21 Reputation points
    2021-11-27T20:05:10.907+00:00

    Nevermind! Just decided to run an Application Insights query and it seems that the App did successfully launch. Also ran an https request to its actuator endpoint and got a response, demonstrating that the app is working so far.

    For reference, I'm using the "https://trecappstest.privatelink.blob.core.windows.net" as the endpoint.

    I had to use the Standard-1 (S1) Service Plan in order to get the VNet integration to work.