0

Our Application is running inside AKS, and using System assigned Managed Identity, we want app running in AKS to access excel files present in Azure Storage blob using Java.

We added Role of Storage Blob Reade/Owner etc in Storage accounts for AKS cluster. However, this doesn't work. Can you please help with steps to get this working. Thanks!

enter image description here Code below,

  DefaultAzureCredential defaultAzureCredential=new DefaultAzureCredentialBuilder().build();
  BlobServiceClient blobServiceClient=new BlobServiceClientBuilder().credential(defaultAzureCredential).endpoint("url of blob endpoint")buildClient();
BlobContainerClient blobContainerClient=blobServiceClient.getBlobContainerClient(containerName);
Improve this question

1 Answer 1

Reset to default
-1

I have reproduced your requirement by deploying my spring boot application which performs file uploading and downloading to Azure storage container using below code.

@PostMapping("/upload")
public  void  uploadFile(@RequestParam(value  =  "file")  MultipartFile  file)  throws  IOException  {

// Code To Create and File In Blob Storage
String  str = "DefaultEndpointsProtocol=https;AccountName=<storage_account_name>;AccountKey=storage_account_access_key;EndpointSuffix=core.windows.net";
OffsetDateTime  expiryTime  =  OffsetDateTime.now().plusDays(1);
BlobSasPermission  permission  =  new  BlobSasPermission().setReadPermission(true);
BlobServiceSasSignatureValues  values  =  new  BlobServiceSasSignatureValues(expiryTime,  permission).setStartTime(OffsetDateTime.now());
BlobContainerClient  container  =  new  BlobContainerClientBuilder().connectionString(str).containerName("<conatiner_name>").buildClient();
BlobClient  blob  =  container.getBlobClient(file.getOriginalFilename());
blob.upload(file.getInputStream(),  file.getSize(),  true);
String  sasToken  =  blob.generateSas(values);
// Code To Create and File In Blob Storage

// Code To download the File From Blob Storage
URL  url  =  new  URL(blob.getBlobUrl()  +  "?"  +  sasToken);
HttpURLConnection  httpConn  =  (HttpURLConnection)  url.openConnection();
int  responseCode  =  httpConn.getResponseCode();
// Check if the response code is HTTP_OK (200)
if  (responseCode  ==  HttpURLConnection.HTTP_OK)  {
// Open input stream from the HTTP connection
InputStream  inputStream  =  httpConn.getInputStream();
// Open output stream to save the file
FileOutputStream  outputStream  =  new FileOutputStream("Path_to_download_file");
// Read bytes from input stream and write to output stream
int  bytesRead;
byte[]  buffer  =  new  byte[4096];
while  ((bytesRead  =  inputStream.read(buffer))  !=  -1)  {
outputStream.write(buffer,  0,  bytesRead);
}
// Close streams
outputStream.close();
inputStream.close();
System.out.println("File downloaded");
}  else  {
System.out.println("Failed to download file: "  +  httpConn.getResponseMessage());
}
httpConn.disconnect();
// Code To download the File From Blob Storage
}

I have deployed my spring boot application on Azure kubernetes service as shown below and it is successfully running. enter image description here

I am accessing the application by hitting the External IP of my application. I could get 200 OK response. enter image description here

After hitting the API, I have checked the pod logs using kubetcl logs pod_name and I could see the file is downloaded successfully. enter image description here

Improve this answer
Sign up to request clarification or add additional context in comments.

1 Comment

I think the question was not looking for an option with Connection String as that was not the recommended way. If the AKS already has the roles to access the BLOB, it wouldn't be ideal to use the connection string (which is a password) to achieve this usecase. Passwordless approach is the best and recommended approach in this scenario. learn.microsoft.com/en-us/azure/storage/blobs/…

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.