更新:更多细节可以在我在这里打开的GitHub问题中找到:
https://github.com/Azure/AppConfiguration/issues/567 issuecomment - 953365024
原始问题:我已经设置了三个资源组,每个组都有自己的App Configuration实例。所有键/值在配置存储之间同步。我还创建了一个Azure Front Door实例和关联的前端、后端池,以及通过转发连接前端和后端池的路由。一切都连接成功了。但是,当我尝试调用前门配置端点时,我在应用配置客户端中获得身份验证失败。
Azure.Identity.AuthenticationFailedException
DefaultAzureCredential authentication failed.
...
Azure.Identity.AuthenticationFailedException
ClientSecretCredential authentication failed.
...
Azure.RequestFailedException
Service request failed.
Status: 400 (Bad Request)
Content:
{"error":"invalid_resource","error_description":"AADSTS500011: The resource principal named https://config.[redacted].com was not found in the tenant named [redacted]. This can happen if the application has not been installed by the administrator of the tenant or consented to by any user in the tenant. You might have sent your authentication request to the wrong tenant."}
调用任何/所有单个配置服务(后端)的uri都可以正常工作。
不是开箱即用,这是令牌处理的问题,但我认为更重要的问题是为什么要这样?应用程序配置的冗余通常很容易在代码/函数本身中构建,即使应用程序/函数是分布式的,对存储的配置调用也不会引入太多延迟,甚至值得注意