ghjklw commented on issue #38762: URL: https://github.com/apache/airflow/issues/38762#issuecomment-2041208864
I'm facing exactly the same problem and I was just starting to look into it myself! Although I considered the same solution as you initially, I feel like just adding these extra params might be only partially adressing the issue. As an example, App Service, Azure Functions and Azure Container Apps (and maybe others) do not use the endpoint that is hard-defined in the code and not customizable: https://learn.microsoft.com/en-us/azure/app-service/overview-managed-identity?context=%2Fentra%2Fidentity%2Fmanaged-identities-azure-resources%2Fcontext%2Fmsi-context.json&tabs=portal%2Chttp#connect-to-azure-services-in-app-code. There might be even more edge-cases that we are missing by trying to reimplement the managed identity API. I feel like it would be a much better option to leverage DefaultAzureCredential / ManagedAzureCredential from azure.identity as is done by the Microsoft Azure provider and is recommended by Microsoft. @jtv8, let me know if you'd like me to help with a PR (I have never contributed to Airflow yet, and testing managed identities in a development environment isn't the easiest, so it might take me some time). -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: commits-unsubscr...@airflow.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
