You are viewing a plain text version of this content. The canonical link for it is here.
Posted to issues@camel.apache.org by "Hugo Veillette (Jira)" <ji...@apache.org> on 2022/05/11 17:01:00 UTC
[jira] [Updated] (CAMEL-18099) Azure blob component does not support MS recommended auth. strategy
[ https://issues.apache.org/jira/browse/CAMEL-18099?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Hugo Veillette updated CAMEL-18099:
-----------------------------------
Description:
The "Azure storage blob service" Camel component only supports access key as mean of access authorization. This is discourage according to MS.
[Authorize operations for data access - Azure Storage | Microsoft Docs|https://docs.microsoft.com/en-us/azure/storage/common/authorize-data-access?toc=%2Fazure%2Fstorage%2Fblobs%2Ftoc.json#understand-authorization-for-data-operations]
https://docs.microsoft.com/en-us/azure/storage/common/authorize-data-access?toc=%2Fazure%2Fstorage%2Fblobs%2Ftoc.json#understand-authorization-for-data-operations
_Microsoft recommends that you disallow Shared Key authorization for your storage account._
The MS Azure blob library, in combination with Azure-Identity library, enable preferred means to authenticate to a blob storage. Namely, SAS token and Azure Identity.
This issue is a feature request to add support for recommended options (SAS and Azure Identity) to the Camel "Azure storage blob service" component.
Suggestion is to default to the "DefaultAzureCredentialBuilder" when no specific authorization strategy is provided.
[azure-sdk-for-java/README.md at main · Azure/azure-sdk-for-java (github.com)|https://github.com/Azure/azure-sdk-for-java/blob/main/sdk/storage/azure-storage-blob/README.md#authenticate-with-azure-identity]
was:
The "Azure storage blob service" Camel component only supports access key as mean of access authorization. This is discourage according to MS.
[Authorize operations for data access - Azure Storage | Microsoft Docs|https://docs.microsoft.com/en-us/azure/storage/common/authorize-data-access?toc=%2Fazure%2Fstorage%2Fblobs%2Ftoc.json#understand-authorization-for-data-operations]
_Microsoft recommends that you disallow Shared Key authorization for your storage account._
The MS Azure blob library, in combination with Azure-Identity library, enable preferred means to authenticate to a blob storage. Namely, SAS token and Azure Identity.
This issue is a feature request to add support for recommended options (SAS and Azure Identity) to the Camel "Azure storage blob service" component.
Suggestion is to default to the "DefaultAzureCredentialBuilder" when no specific authorization strategy is provided.
[azure-sdk-for-java/README.md at main · Azure/azure-sdk-for-java (github.com)|https://github.com/Azure/azure-sdk-for-java/blob/main/sdk/storage/azure-storage-blob/README.md#authenticate-with-azure-identity]
> Azure blob component does not support MS recommended auth. strategy
> -------------------------------------------------------------------
>
> Key: CAMEL-18099
> URL: https://issues.apache.org/jira/browse/CAMEL-18099
> Project: Camel
> Issue Type: New Feature
> Components: camel-azure
> Affects Versions: 3.16.0
> Environment: MS Azure
> Reporter: Hugo Veillette
> Priority: Major
> Labels: enhancement
>
> The "Azure storage blob service" Camel component only supports access key as mean of access authorization. This is discourage according to MS.
> [Authorize operations for data access - Azure Storage | Microsoft Docs|https://docs.microsoft.com/en-us/azure/storage/common/authorize-data-access?toc=%2Fazure%2Fstorage%2Fblobs%2Ftoc.json#understand-authorization-for-data-operations]
> https://docs.microsoft.com/en-us/azure/storage/common/authorize-data-access?toc=%2Fazure%2Fstorage%2Fblobs%2Ftoc.json#understand-authorization-for-data-operations
> _Microsoft recommends that you disallow Shared Key authorization for your storage account._
> The MS Azure blob library, in combination with Azure-Identity library, enable preferred means to authenticate to a blob storage. Namely, SAS token and Azure Identity.
> This issue is a feature request to add support for recommended options (SAS and Azure Identity) to the Camel "Azure storage blob service" component.
> Suggestion is to default to the "DefaultAzureCredentialBuilder" when no specific authorization strategy is provided.
> [azure-sdk-for-java/README.md at main · Azure/azure-sdk-for-java (github.com)|https://github.com/Azure/azure-sdk-for-java/blob/main/sdk/storage/azure-storage-blob/README.md#authenticate-with-azure-identity]
--
This message was sent by Atlassian Jira
(v8.20.7#820007)