Home > Mobile >  How To Copy/Download Azure Storage Blob To Azure Windows Virtual Machine Using Managed Identity Thro
How To Copy/Download Azure Storage Blob To Azure Windows Virtual Machine Using Managed Identity Thro

Time:12-25

I am able to Upload File From Virtual Machine To Storage Account Container using Managed Identity Through PowerShell Scripting

I followed This Microsoft Document Link: https://learn.microsoft.com/en-us/azure/active-directory/managed-identities-azure-resources/tutorial-windows-vm-access-datalake

Followed Steps:

  1. I Signed into Azure Portal
  2. created Managed Identity Resource
  3. created one Windows VM and enabled system-assigned managed identity
  4. created Azure Storage Account & Assigned Storage Blob Data Contributor role to VM under your storage account
  5. Now connected to VM and run below PowerShell commands to get access token:
$response = Invoke-WebRequest -Uri 'http://169.254.169.254/metadata/identity/oauth2/token?api-version=2018-02-01&resource=https://storage.azure.com' -Method GET -Headers @{Metadata="true"} 
$content = $response.Content | ConvertFrom-Json 
$AccessToken = $content.access_token
  1. Followed Below PowerShell Scripts for Uploading Files from VM TO Azure Storage Container
$file = "C:\Users\VMWindows0102\Desktop\test/localfile.txt" #File path
$name = (Get-Item $file).Name

$url="https://adls0102.blob.core.windows.net/container/$($name)"

$RequestHeader = New-Object "System.Collections.Generic.Dictionary[[String],[String]]"
$RequestHeader.Add("Authorization", "Bearer $AccessToken")
$RequestHeader.Add("x-ms-version", "2019-02-02")
$RequestHeader.Add("x-ms-blob-type", "BlockBlob")

$result = Invoke-WebRequest -Uri $url -Method Put -Headers $RequestHeader -InFile $file

file uploaded to container successfully from VM Local Drive

but, Now I Need Similar PowerShell Script For Downloading File From Azure Storage To Virtual Machine Local Drive Using Managed Identity Please Help...

Thanks In Advance

CodePudding user response:

I tried to reproduce the same in my environment to download the blob files using PowerShell:

I created a virtual machine and assigned Managed Identity to assign the RBAC Role. Like below.

Azure Portal > Storage Account > Select Your Storage Account > Access Control (IAM) > Add role assignment

enter image description here

Here is the script to download the blob file using powershell.

Login to your Virtual Machine and open powershell ISE as administrator and run below powershell code to download blob file.

Connect-AzAccount -identity
$responseID = Invoke-WebRequest -Uri 'http://169.254.169.254/metadata/identity/oauth2/token?api-version=2018-02-01&resource=https://storage.azure.com/' `
                              -Headers @{Metadata="true"}

$val =$response.Content | ConvertFrom-Json

$access_token = $content.access_token

$Path = "C:\Venkat"

$url="https://Storageaccount.blob.core.windows.net/testcontainer/Test.txt"
$RequestHeader = New-Object "System.Collections.Generic.Dictionary[[String],[String]]"
$RequestHeader.Add("Authorization", "Bearer $access_token")
$RequestHeader.Add("x-ms-version", "2019-02-02")

$result = Invoke-WebRequest -Uri $url -Headers $RequestHeader
$result.content 
$output = $result.content
Invoke-WebRequest -Headers $header -Uri $url -OutFile "C:\Venkat\Test.txt" -PassThru

Output:

enter image description here

CodePudding user response:

Followed Steps:

  1. I Sign into Azure Portal
  2. create Managed Identity Resource
  3. create Windows VM and enable system-assigned managed identity
  4. create Azure Storage Account & Assign Storage Blob Data Contributor role to VM under your storage account
  5. Now connect to VM and run below PowerShell commands to Download Blob to Virtual Machine using Managed Identity:
$response = Invoke-WebRequest -Uri 'http://169.254.169.254/metadata/identity/oauth2/token?api-version=2018-02-01&resource=https://storage.azure.com' -Method GET -Headers @{Metadata="true"}
$content = $response.Content | ConvertFrom-Json
$AccessToken = $content.access_token

$content.access_token
$RequestHeader = New-Object "System.Collections.Generic.Dictionary[[String],[String]]"
$RequestHeader.Add("Authorization", "Bearer $AccessToken")
$RequestHeader.Add("x-ms-version", "2019-02-02")
$RequestHeader.Add("x-ms-blob-type", "BlockBlob")

$url="https://adls0102.blob.core.windows.net/container/sample.txt"
$file = "C:\Users\VMWindows0102\Desktop\test\sample.txt"

$result = Invoke-WebRequest -Uri $url -Method Get -Headers $RequestHeader -OutFile $file -PassThrut

Thank You

Page link:https//www.codepudding.com/Mobile/652891.html

Prev:PowerShell Module Parameter can't pipe ADUser Array
Next:Need to build a graph like in the picture
  • Related

About Us:  Contact Us      Terms of Service       Privacy Policy

Copyright © 2010-2023,Powered By CodePudding