Azure File Copy fails due to 'Unsupported authentication scheme 'WorkloadIdentityFederation'

Question

Note: I created a azure devops service connection with WorkloadIdentityFederation.

Error as follows:

##[error]Upload to container: 'sample' in storage account: 'sampleBlob' with blob prefix: 'sample.yaml' failed with error: 'Unsupported authentication scheme 'WorkloadIdentityFederation' for endpoint.' For more info please refer to https://aka.ms/azurefilecopyreadme

Answer 1

This was true, however as of file copy v6 we can use workload identity federation https://learn.microsoft.com/en-us/azure/devops/pipelines/tasks/reference/azure-file-copy-v6?view=azure-pipelines

Answer 2

Refer this Github issue1 Github issue2 on the same error looks like WorkloadIdentity is not yet supported, You can use Azure Resource manager connection with service principal authentication or normal service connection and asisgn service connection appropritate roles like Azure Storage Blob Data contributor or Azure Storage Blob Data owner role on the Storage account. You can directly make use of SAS token with limited roles in your azcopy url too.

My Azure Devops service connection:-

Assigned Storage Blob Data Owner role to the powershell service principal:-*

My Azure Devops AzFileCopy task:-

trigger:
- main

pool:
  vmImage: windows-latest

steps:
- task: AzureFileCopy@4
  inputs:
    SourcePath: '$(build.sourcesdirectory)'
    azureSubscription: 'PowershellSid'
    Destination: 'AzureBlob'
    storage: 'valleystrg51'
    ContainerName: 'datadest'
    additionalArgumentsForBlobCopy: --recursive=true

Output:-