C# 如何使用MSI从Azure中的VMS访问服务总线

我的控制台应用程序正在Azure Scale集中的VM上运行，但无法使用VMS托管服务标识连接到Azure服务总线

当尝试通过TokenProvider.CreateManagedServiceIdentityTokenProvider（）获取访问令牌时引发异常

在虚拟机规模集（VMS）上启用标识（系统分配）

VMS标识被分配给服务总线命名空间上的Azure服务总线数据所有者角色

是否有我遗漏的步骤或要求

示例代码

var sbEndpoint = "sb://mysbnamespace.servicebus.windows.net/";
var sbQueueName = "myqueue";
var tokenProvider = TokenProvider.CreateManagedServiceIdentityTokenProvider();
var sendClient = new QueueClient( sbEndpoint, sbQueueName, tokenProvider );

await sendClient.SendAsync( new Message( Encoding.UTF8.GetBytes( "abc 123" )));

例外情况

Parameters: Connectionstring: [No connection string specified], Resource: https://servicebus.azure.net/, Authority: .
Exception Message: Tried the following 4 methods to get an access token, but none of them worked.

Parameters: Connectionstring: [No connection string specified], Resource: https://servicebus.azure.net/, Authority: .
Exception Message: Tried to get token using Managed Service Identity. Unable to connect to the Managed Service Identity (MSI) endpoint. Please check that you are running on an Azure resource that has MSI setup.

Parameters: Connectionstring: [No connection string specified], Resource: https://servicebus.azure.net/, Authority: .
Exception Message: Tried to get token using Visual Studio. Access token could not be acquired. Visual Studio Token provider file not found at "C:\Users\makr\AppData\Local\.IdentityService\AzureServiceAuth\tokenprovider.json"

Parameters: Connectionstring: [No connection string specified], Resource: https://servicebus.azure.net/, Authority: .
Exception Message: Tried to get token using Azure CLI. Access token could not be acquired. ERROR: Please run 'az login' to setup account.

Parameters: Connectionstring: [No connection string specified], Resource: https://servicebus.azure.net/, Authority: https://login.microsoftonline.com/common. 
Exception Message: Tried to get token using Active Directory Integrated Authentication. Access token could not be acquired. get_user_name_failed: Failed to get user name

Inner Exception : No mapping between account names and security IDs was done

   at Microsoft.Azure.ServiceBus.Core.MessageSender.<OnSendAsync>d__52.MoveNext() in C:\source\azure-service-bus-dotnet\src\Microsoft.Azure.ServiceBus\Core\MessageSender.cs:line 567
--- End of stack trace from previous location where exception was thrown ---
   at System.Runtime.CompilerServices.TaskAwaiter.ThrowForNonSuccess(Task task)
   at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)
   at Microsoft.Azure.ServiceBus.RetryPolicy.<RunOperation>d__19.MoveNext() in C:\source\azure-service-bus-dotnet\src\Microsoft.Azure.ServiceBus\RetryPolicy.cs:line 82
--- End of stack trace from previous location where exception was thrown ---
   at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw()
   at Microsoft.Azure.ServiceBus.RetryPolicy.<RunOperation>d__19.MoveNext() in C:\source\azure-service-bus-dotnet\src\Microsoft.Azure.ServiceBus\RetryPolicy.cs:line 107
--- End of stack trace from previous location where exception was thrown ---
   at System.Runtime.CompilerServices.TaskAwaiter.ThrowForNonSuccess(Task task)
   at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)
   at Microsoft.Azure.ServiceBus.Core.MessageSender.<SendAsync>d__39.MoveNext() in C:\source\azure-service-bus-dotnet\src\Microsoft.Azure.ServiceBus\Core\MessageSender.cs:line 266
--- End of stack trace from previous location where exception was thrown ---
   at System.Runtime.CompilerServices.TaskAwaiter.ThrowForNonSuccess(Task task)
   at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)
   at System.Runtime.CompilerServices.TaskAwaiter.GetResult()
   at AzureServiceBusManagedSystemIdentity.Program.<TestSbMsi>d__10.MoveNext()
======================================================

参数：Connectionstring:[未指定连接字符串]，资源：https://servicebus.azure.net/，授权人：。
异常消息：尝试了以下4种方法来获取访问令牌，但均无效。
参数：Connectionstring:[未指定连接字符串]，资源：https://servicebus.azure.net/，授权人：。
异常消息：尝试使用托管服务标识获取令牌。无法连接到托管服务标识（MSI）终结点。请检查您是否在具有MSI设置的Azure资源上运行。
参数：Connectionstring:[未指定连接字符串]，资源：https://servicebus.azure.net/，授权人：。
异常消息：尝试使用Visual Studio获取令牌。无法获取访问令牌。在“C:\Users\makr\AppData\Local\.IdentityService\AzureServiceAuth\tokenprovider.json”中找不到Visual Studio令牌提供程序文件
参数：Connectionstring:[未指定连接字符串]，资源：https://servicebus.azure.net/，授权人：。
异常消息：尝试使用Azure CLI获取令牌。无法获取访问令牌。错误：请运行“az登录”以设置帐户。
参数：Connectionstring:[未指定连接字符串]，资源：https://servicebus.azure.net/，主管当局：https://login.microsoftonline.com/common. 
异常消息：尝试使用Active Directory集成身份验证获取令牌。无法获取访问令牌。获取\用户\名称\失败：获取用户名失败
内部异常：未完成帐户名和安全ID之间的映射
在C:\source\Azure service bus dotnet\src\Microsoft.Azure.ServiceBus.Core.MessageSender.d_u52.MoveNext（）中的Microsoft.Azure.ServiceBus.Core.MessageSender.cs:第567行
---来自引发异常的上一个位置的堆栈结束跟踪---
at System.Runtime.CompilerServices.TaskAwaiter.ThrowForNonSuccess（任务任务）
在System.Runtime.CompilerServices.TaskWaiter.HandleNonSuccessAndDebuggerNotification（任务任务）中
在C:\source\Azure service bus dotnet\src\Microsoft.Azure.ServiceBus\RetryPolicy.cs中的Microsoft.Azure.ServiceBus.RetryPolicy.d_u19.MoveNext（）中：第82行
---来自引发异常的上一个位置的堆栈结束跟踪---
在System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw（）中
在C:\source\Azure service bus dotnet\src\Microsoft.Azure.ServiceBus\RetryPolicy.cs中的Microsoft.Azure.ServiceBus.RetryPolicy.d_u19.MoveNext（）中：第107行
---来自引发异常的上一个位置的堆栈结束跟踪---
at System.Runtime.CompilerServices.TaskAwaiter.ThrowForNonSuccess（任务任务）
在System.Runtime.CompilerServices.TaskWaiter.HandleNonSuccessAndDebuggerNotification（任务任务）中
在C:\source\Azure service bus dotnet\src\Microsoft.Azure.ServiceBus.Core.MessageSender.d\u 39.MoveNext（）中的Microsoft.Azure.ServiceBus.Core.MessageSender.cs:第266行
---来自引发异常的上一个位置的堆栈结束跟踪---
at System.Runtime.CompilerServices.TaskAwaiter.ThrowForNonSuccess（任务任务）
在System.Runtime.CompilerServices.TaskWaiter.HandleNonSuccessAndDebuggerNotification（任务任务）中
在System.Runtime.CompilerServices.TaskAwaiter.GetResult（）中
在AzureServiceBusManagedSystemIdentity.Program.d_u10.MoveNext（）上
======================================================

package.config（使用使MSI身份验证工作的NUGET）

---

根据异常消息，虚拟机上似乎未启用托管标识。您是如何验证它是否已启用的

---

另外，您能否指定您使用的是哪个Service Bus NuGet软件包，以及哪个版本

将Nuget软件包更新为彼此兼容的最新版本解决了问题，请参阅OP中的软件包列表

感谢@Varun引导我找到一个显而易见的解决方案

<?xml version="1.0" encoding="utf-8"?>
<packages>
  <package id="Microsoft.Azure.Amqp" version="2.4.2" targetFramework="net472" />
  <package id="Microsoft.Azure.ServiceBus" version="3.4.0" targetFramework="net472" />
  <package id="Microsoft.Azure.Services.AppAuthentication" version="1.0.3" targetFramework="net472" />
  <package id="Microsoft.IdentityModel.Clients.ActiveDirectory" version="4.5.1" targetFramework="net472" />
  <package id="Microsoft.IdentityModel.JsonWebTokens" version="5.4.0" targetFramework="net472" />
  <package id="Microsoft.IdentityModel.Logging" version="5.4.0" targetFramework="net472" />
  <package id="Microsoft.IdentityModel.Tokens" version="5.4.0" targetFramework="net472" />
  <package id="Newtonsoft.Json" version="12.0.2" targetFramework="net472" />
  <package id="System.Diagnostics.DiagnosticSource" version="4.5.1" targetFramework="net472" />
  <package id="System.IdentityModel.Tokens.Jwt" version="5.4.0" targetFramework="net472" />
  <package id="System.IO" version="4.3.0" targetFramework="net472" />
  <package id="System.Net.WebSockets" version="4.3.0" targetFramework="net472" />
  <package id="System.Net.WebSockets.Client" version="4.3.2" targetFramework="net472" />
  <package id="System.Runtime" version="4.3.1" targetFramework="net472" />
  <package id="System.Runtime.Serialization.Primitives" version="4.3.0" targetFramework="net472" />
  <package id="System.Security.Cryptography.Algorithms" version="4.3.1" targetFramework="net472" />
 <package id="System.Security.Cryptography.Encoding" version="4.3.0" targetFramework="net472" />
 <package id="System.Security.Cryptography.Primitives" version="4.3.0" targetFramework="net472" />
 <package id="System.Security.Cryptography.X509Certificates" version="4.3.2" targetFramework="net472" />
</packages>