-
Notifications
You must be signed in to change notification settings - Fork 4.9k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
[BUG] Occasional ManagedIdentity failures #45305
Comments
Thank you for your feedback. Tagging and routing to the team member best able to assist. |
What error or logging are you seeing that indicates that the managed identity is failing and that a bad token is received? |
Hi @garrettlondon1. Thank you for opening this issue and giving us the opportunity to assist. To help our team better understand your issue and the details of your scenario please provide a response to the question asked above or the information requested above. This will help us more accurately address your issue. |
Hey @christothes , I apologize, I do not have any errors or logs indicating that managed identity is failing, and a bad token is received, specifically. All resources from blob storage cannot be loaded, and when the App Service is restarted, everything works again instantly. I've reproduced it probably 5+ times. I know for certain that the App service has access to the storage account because the same storage account hosts the zip file which powers the app service deployment via private endpoint This is on an "always on" app service, blazor server monolith, using the absolute default managed identity setup |
Does your service hang or does it continue to be responsive after the problem? Is the request to storage still occurring after the problem? If so, what is the response from the service? |
Hi @garrettlondon1. Thank you for opening this issue and giving us the opportunity to assist. To help our team better understand your issue and the details of your scenario please provide a response to the question asked above or the information requested above. This will help us more accurately address your issue. |
The service completely hangs, although I will say on "12.21.1" version, have not encountered in 6+ days |
That makes sense - I think the issue won't reproduce on 12.21.1 or later. This is due to a fix in one of its dependencies in Azure.Core that was shipped in version 1.41.0. The fix is here |
Hi @garrettlondon1. Thank you for opening this issue and giving us the opportunity to assist. We believe that this has been addressed. If you feel that further discussion is needed, please add a comment with the text "/unresolve" to remove the "issue-addressed" label and continue the conversation. |
Hi @garrettlondon1, since you haven’t asked that we |
Library name and version
Azure.Storage.Blobs" Version="12.20.0"
Describe the bug
When using Managed Identity credential and RBAC, the app running on Azure App Service has the correct credentials and network connections.
The application will succeed and get all data from blob storage, but somewhere in the middle when the application is running, Managed Identity fails and gets a bad token.
This happens intermittently, but the problem is not resolved until app is restarted
Expected behavior
Managed Identity credential consistently works on App Service
Actual behavior
Managed Identity disconnects and fails to make calls to blob gateway
Reproduction Steps
Environment
No response
The text was updated successfully, but these errors were encountered: