Azure SQL Database
An Azure relational database service.
Use user-managed identity in Python script on local machine to access Azure SQL Server (serverless) with pyodbc
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(233.6, 96%, 32%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EC%3C/text%3E%3C/svg%3E)
cyber_thunk
1
Reputation point
I've created a Python script on my local machine & I'm attempting to authenticate into an Azure SQL Server (serverless (i.e., not managed instance)). Rather than storing creds in code, I want to utilize user-managed identity (UMI) to authenticate into my SQL Server.
I created the UMI in Azure portal, assigned it to my SQL Server & gave it read, write & admin authorization in SQL server.
Local machine:
Windows 11 pro
ODBC Driver 17.8 64x
Python 3.9
Using the following import statements:
from azure.identity import ManagedIdentityCredential
import pyodbc
Here is some of my code:
umi_client_id = 'my user managed identity client id'
db_umi_cred = ManagedIdentityCredential(client_id=umi_client_id)
db_connect = pyodbc.connect(f"DRIVER={odbc_driver}; SERVER={sql_server}; DATABASE={sql_db}; UID={db_umi_cred}; Authentication={pyodbc_auth}")
I get an error: ...TCP Provider: Timeout error [258]...
I've been trying this for a few days with no success. I don't want to use ODBC Data Source Administrator to store anything. I also shouldn't have to use key vault for this (right?). I won't be publishing this python script to cloud; just trying to test this locally. Conceptually, this seems pretty straightforward.
Any help would be greatly appreciated.
Azure SQL Database
Microsoft Security | Microsoft Entra | Microsoft Entra ID
Microsoft Security | Microsoft Entra | Microsoft Entra ID
A cloud-based identity and access management service for securing user authentication and resource access
-
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(204.8, 44%, 29%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ESS%3C/text%3E%3C/svg%3E)
Saurabh Sharma 23,866 Reputation points Microsoft Employee Moderator2021-12-30T06:14:12.563+00:00 Hi @cyber_thunk ,
Thanks for using Microsoft Q&A!!
You are getting this error as you cannot use either user assigned identity or system assigned managed identity to access from SQL server from you local environment as these identities are meant for accessing Azure AD protected resources from other Azure services like Azure functions, web apps etc.Please refer to managed identities documentation for details.
You need to either provide the username and password in the code or you can store these as environment variables.Please let me know if you have any questions.
Thanks
Saurabh
Sign in to comment
Sign in to answer