powershell, jwt, azure-virtual-machine, azure-data-lake, azure-managed-identity

How To Copy/Download Azure Storage Blob To Azure Windows Virtual Machine Using Managed Identity Through PowerShell Scripts


I am able to upload a file from a virtual machine to a storage account container using managed identity through PowerShell scripting.

I followed this Microsoft document: https://learn.microsoft.com/en-us/azure/active-directory/managed-identities-azure-resources/tutorial-windows-vm-access-datalake

Steps I followed:

  1. Signed in to the Azure Portal
  2. Created a Managed Identity resource
  3. Created one Windows VM and enabled system-assigned managed identity
  4. Created an Azure Storage Account and assigned the Storage Blob Data Contributor role to the VM under the storage account
  5. Connected to the VM and ran the PowerShell commands below to get an access token:

    # Request a token for Azure Storage from the instance metadata endpoint
    $response = Invoke-WebRequest -Uri 'http://169.254.169.254/metadata/identity/oauth2/token?api-version=2018-02-01&resource=https://storage.azure.com' -Method GET -Headers @{Metadata="true"}
    $content = $response.Content | ConvertFrom-Json
    $AccessToken = $content.access_token

  6. Followed the PowerShell script below to upload files from the VM to the Azure Storage container:

    $file = "C:\Users\VMWindows0102\Desktop\test/localfile.txt" # File path
    $name = (Get-Item $file).Name

    # Target blob URL: storage account, container, blob name
    $url="https://adls0102.blob.core.windows.net/container/$($name)"

    # Bearer token plus the headers required by Put Blob
    $RequestHeader = New-Object "System.Collections.Generic.Dictionary[[String],[String]]"
    $RequestHeader.Add("Authorization", "Bearer $AccessToken")
    $RequestHeader.Add("x-ms-version", "2019-02-02")
    $RequestHeader.Add("x-ms-blob-type", "BlockBlob")

    $result = Invoke-WebRequest -Uri $url -Method Put -Headers $RequestHeader -InFile $file

The file was uploaded to the container successfully from the VM local drive.

But now I need a similar PowerShell script for downloading a file from Azure Storage to the virtual machine's local drive using managed identity. Please help...

Thanks in advance


Solution

  • Steps followed:

    1. Sign in to the Azure Portal
    2. Create a Managed Identity resource
    3. Create a Windows VM and enable system-assigned managed identity
    4. Create an Azure Storage Account and assign the Storage Blob Data Contributor role to the VM under your storage account
    5. Now connect to the VM and run the PowerShell commands below to download a blob to the virtual machine using managed identity:

    # Request a token for Azure Storage from the instance metadata endpoint
    $response = Invoke-WebRequest -Uri 'http://169.254.169.254/metadata/identity/oauth2/token?api-version=2018-02-01&resource=https://storage.azure.com' -Method GET -Headers @{Metadata="true"}
    $content = $response.Content | ConvertFrom-Json
    $AccessToken = $content.access_token
    
    # The next line prints the bearer token to the console (and to any transcript); drop it outside of debugging
    $content.access_token
    $RequestHeader = New-Object "System.Collections.Generic.Dictionary[[String],[String]]"
    $RequestHeader.Add("Authorization", "Bearer $AccessToken")
    $RequestHeader.Add("x-ms-version", "2019-02-02")
    # x-ms-blob-type is only required for Put Blob; it is not needed for a download
    $RequestHeader.Add("x-ms-blob-type", "BlockBlob")
    
    # Source blob URL and local destination path
    $url="https://adls0102.blob.core.windows.net/container/sample.txt"
    $file = "C:\Users\VMWindows0102\Desktop\test\sample.txt"
    
    $result = Invoke-WebRequest -Uri $url -Method Get -Headers $RequestHeader -OutFile $file
    

    Note: Here we don't require an extra Azure Managed Identity resource. Thank you.
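
When the download returns 403, it helps to check which principal and audience the managed-identity token actually carries, without printing the token itself. The following is an added example, not part of the original question or answer: the function names are hypothetical, the sample token is constructed and unsigned, and the payload is only decoded for diagnosis (the storage service is what validates the signature).

```powershell
# Added example: inspect the claims of a managed-identity JWT instead of echoing the token.
function ConvertFrom-JwtPayload {
    param([Parameter(Mandatory)][string]$Token)
    $parts = $Token.Split('.')
    if ($parts.Count -ne 3) { throw "Not a compact JWT (expected 3 dot-separated parts)." }
    # base64url -> base64: restore '+' and '/', then pad to a multiple of 4
    $b64 = $parts[1].Replace('-', '+').Replace('_', '/')
    switch ($b64.Length % 4) {
        2 { $b64 += '==' }
        3 { $b64 += '=' }
        1 { throw "Invalid base64url length." }
    }
    $json = [System.Text.Encoding]::UTF8.GetString([System.Convert]::FromBase64String($b64))
    return $json | ConvertFrom-Json
}

function Test-StorageTokenClaims {
    param([Parameter(Mandatory)][string]$Token,
          [string]$ExpectedAudience = 'https://storage.azure.com')
    $claims  = ConvertFrom-JwtPayload -Token $Token
    $expires = [DateTimeOffset]::FromUnixTimeSeconds([long]$claims.exp)
    [pscustomobject]@{
        AudienceOk = ($claims.aud.TrimEnd('/') -eq $ExpectedAudience.TrimEnd('/'))
        NotExpired = ($expires -gt [DateTimeOffset]::UtcNow)
        ObjectId   = $claims.oid   # principal that must hold the blob data role
        ExpiresUtc = $expires.UtcDateTime
    }
}

# Constructed sample token (placeholder values, no real signature) so the example runs offline
function ConvertTo-Base64Url([string]$Text) {
    $b64 = [Convert]::ToBase64String([Text.Encoding]::UTF8.GetBytes($Text))
    $b64.TrimEnd('=').Replace('+', '-').Replace('/', '_')
}
$payload = @{
    aud = 'https://storage.azure.com'
    oid = '00000000-0000-0000-0000-000000000000'
    exp = [DateTimeOffset]::UtcNow.AddHours(1).ToUnixTimeSeconds()
} | ConvertTo-Json -Compress
$sample = (ConvertTo-Base64Url '{"alg":"none","typ":"JWT"}') + '.' + (ConvertTo-Base64Url $payload) + '.sig'

Test-StorageTokenClaims -Token $sample | Format-List
# On the VM, pass the real token instead: Test-StorageTokenClaims -Token $AccessToken
```

The `ObjectId` value should match the VM identity's object ID shown on the role assignment for the storage account. For a download-only workload, the built-in Storage Blob Data Reader role is sufficient in place of Storage Blob Data Contributor.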