ManagedIdentityCredential authentication unavailable, no managed identity found - Azure Synapse PySpark

Question

We are trying to generate token for custom rest api endpoint. We are using Azure Synapse Notebook in PySpark.

from azure.identity import DefaultAzureCredential,ManagedIdentityCredential import requests credential = ManagedIdentityCredential(client_id='xxxxxx-xxxx-xxxx-xxxx-xxxxx')

This code execute successfully without error. I know alternatively we can use ClientSecret authentication but because of complaince reason we have to use ManagedIdentityCredential only.

But using credential object if we try to get_token it throws error

token = credential.get_token("api://xxxxxx-xxxx-xxxx-xxxx-xxxxx/.default")

ManagedIdentityCredential.get_token failed: ManagedIdentityCredential authentication unavailable, no managed identity endpoint found. --------------------------------------------------------------------------- CredentialUnavailableError Traceback (most recent call last) Cell In [9], line 1 ----> 1 token = credential.get_token("api://xxxxxx-xxxx-xxxx-xxxx-xxxxx/.default")

File ~/cluster-env/clonedenv/lib/python3.10/site-packages/azure/identity/_internal/decorators.py:27, in log_get_token..decorator..wrapper(*args, **kwargs) 24 @functools.wraps(fn) 25 def wrapper(*args, **kwargs): 26 try: ---> 27 token = fn(*args, **kwargs) 28 _LOGGER.info("%s succeeded", qualified_name) 29 return token

File ~/cluster-env/clonedenv/lib/python3.10/site-packages/azure/identity/_credentials/managed_identity.py:93, in ManagedIdentityCredential.get_token(self, *scopes, **kwargs) 91 if not self._credential: 92 raise CredentialUnavailableError(message="No managed identity endpoint found.") ---> 93 return self._credential.get_token(*scopes, **kwargs)

File ~/cluster-env/clonedenv/lib/python3.10/site-packages/azure/identity/_credentials/managed_identity.py:190, in ImdsCredential.get_token(self, *scopes, **kwargs) 188 if not self._endpoint_available: 189 message = "ManagedIdentityCredential authentication unavailable, no managed identity endpoint found." --> 190 raise CredentialUnavailableError(message=message) 192 if len(scopes) != 1: 193 raise ValueError("This credential requires exactly one scope per token request.")

CredentialUnavailableError: ManagedIdentityCredential authentication unavailable, no managed identity endpoint found.

Jaya Shankar G S · Accepted Answer · 2024-05-09 04:31:27Z

You need to run the start session on pool enabling managed identity. Follow below steps to enable.

Click on configure session

enter image description here

then enable Run as managed identity and apply it.

enter image description here

EDIT

According to this documentation

Synapse notebooks and Spark job definitions only support the use of system-assigned managed identity through linked services and the mssparkutils APIs.

also

User-assigned Managed Identity is not currently supported in Synapse notebooks and Spark job definitions.

So, whatever the token you need can be retrieved using mssparkutils.credentials.getToken("Storage")

Sorry I didn't mention this in original question but I have already enabled this.
What is the spark version you are using? Stop current session try it in new session or create new pool and run it.
Has anyone tried this for cosmosdb linked service and able to get it working??
Does msspartuitls work with Azure Data Lake Gen 1? If so, what value of parameter should I use for "Storage"?

Collectives™ on Stack Overflow

ManagedIdentityCredential authentication unavailable, no managed identity found - Azure Synapse PySpark

1 Answer 1

5 Comments

Hot Network Questions

Collectives™ on Stack Overflow

1 Answer 1

5 Comments

Related