Allow authentication to Azure Blob Storage using SAS token #1600
Conversation
|
Here I am, brain the size of a planet and they ask me to welcome you to Prefect. So, welcome to the community @frsann! 🎉 🎉 |
| blob_service = azure.storage.blob.BlockBlobService( | ||
| account_name=az_account_name, account_key=az_account_key | ||
| account_name=az_account_name, | ||
| account_key=az_account_key, | ||
| sas_token=az_sas_token, |
There was a problem hiding this comment.
What happens if both account_key and sas_token are provided? Is it rightfully handled or is an error raised?
There was a problem hiding this comment.
Good question.
For Datastore.register_azure_blob_container it basically comes down to a call to azureml.data.datastore_client._DatastoreClient._get_credential_type(account_key, sas_token) which gives preference to account_key. No error.
For BlockBlobService we initiate its base class azure.storage.blob.baseblobservice.BaseBlobService, which follows the same logic; account_key is given preference, and no error.
This functionality should maybe be mentioned in the docstrings?
There was a problem hiding this comment.
Yeah! Just add a quick note about preference!
There was a problem hiding this comment.
Excellent - thanks again for your contributions @frsann ! Next time you open a PR, @marvin-robot should be silent now that your commits are signed ✅
…-start-date-filters UI: disable run state filter if it already exists
Thanks for contributing to Prefect!
Please describe your work and make sure your PR:
CHANGELOG.md(if appropriate)docs/outline.tomlfor API reference docs (if appropriate)Note that your PR will not be reviewed unless all three boxes are checked.
What does this PR change?
Allows authentication to Azure Blob Storage using SAS tokens. This concerns
AzureResultHandleras well as the tasksBlobStorageDownload,BlobStorageUpload, andDatastoreRegisterBlobContainer.Why is this PR important?
Allows Blob Storage users to authenticate more securely.