// Copyright (c) Microsoft Corporation. // Licensed under the MIT License. #include #include #include #include static void ShowDifferentManagedIdentityApproaches() { using namespace Azure::Identity; using namespace Azure::Storage::Blobs; std::string blobUrl = "https://myaccount.blob.core.windows.net/mycontainer/myblob"; { // @begin_snippet: UserAssignedManagedIdentityViaClientId // When deployed to an Azure host, ManagedIdentityCredential will authenticate the specified // user-assigned managed identity. std::string userAssignedClientId = ""; ManagedIdentityCredentialOptions options; options.IdentityId = ManagedIdentityId::FromUserAssignedClientId(userAssignedClientId); auto credential = std::make_shared(options); auto blobClient = BlobClient(blobUrl, credential); // @end_snippet } { // @begin_snippet: UserAssignedManagedIdentityViaResourceId std::string userAssignedResourceId = "/subscriptions/"; ManagedIdentityCredentialOptions options; options.IdentityId = ManagedIdentityId::FromUserAssignedResourceId( Azure::Core::ResourceIdentifier(userAssignedResourceId)); auto credential = std::make_shared(options); auto blobClient = BlobClient(blobUrl, credential); // @end_snippet } { // @begin_snippet: UserAssignedManagedIdentityViaObjectId std::string userAssignedObjectId = ""; ManagedIdentityCredentialOptions options; options.IdentityId = ManagedIdentityId::FromUserAssignedObjectId(userAssignedObjectId); auto credential = std::make_shared(options); auto blobClient = BlobClient(blobUrl, credential); // @end_snippet } { // @begin_snippet: SystemAssignedManagedIdentity ManagedIdentityCredentialOptions options; options.IdentityId = ManagedIdentityId::SystemAssigned(); auto credential = std::make_shared(options); auto blobClient = BlobClient(blobUrl, credential); // @end_snippet } { // @begin_snippet: SystemAssignedManagedIdentityBrief auto credential = std::make_shared(); auto blobClient = BlobClient(blobUrl, credential); // @end_snippet } } int main() { try { // To diagnose, see https://aka.ms/azsdk/cpp/identity/troubleshooting // For example, try setting 'AZURE_LOG_LEVEL' environment variable to 'verbose' before running // this sample to see more details. // Step 1: Create a ManagedIdentityCredential instance. // Managed Identity Credential would be available in some environments such as on Azure VMs. // See documentation for details. auto managedIdentityCredential = std::make_shared(); // Step 2: Pass the credential to an Azure Service Client. Azure::Service::Client azureServiceClient("serviceUrl", managedIdentityCredential); // Step 3: Start using the Azure Service Client. azureServiceClient.DoSomething(); std::cout << "Success!" << std::endl; } catch (const Azure::Core::Credentials::AuthenticationException& exception) { // Step 4: Handle authentication errors, if needed // (invalid credential parameters, insufficient permissions). std::cout << "Authentication error: " << exception.what() << std::endl; return 1; } catch (const Azure::Core::RequestFailedException& exception) { // Authentication exceptions are thrown as AuthenticationExceptions, client errors are thrown as // RequestFailedExceptions, so it is easier to differentiate whether the request has failed // due to input data, or due to authentication errors. std::cout << "Azure service request error: " << exception.what() << std::endl << "Status: " << static_cast(exception.StatusCode) << " " << exception.ReasonPhrase << std::endl << "Error code: " << exception.ErrorCode << std::endl << "Request ID: " << exception.RequestId << std::endl << "Message: " << exception.Message << std::endl; return 2; } catch (const std::exception& exception) { std::cout << "Unexpected exception thrown: " << exception.what() << std::endl; return 3; } ShowDifferentManagedIdentityApproaches(); return 0; }