Does Azure Container Apps support IMDS service

PS 150 Reputation points
2024-07-05T06:33:51.6533333+00:00

Does Azure Container Apps support IMDS service?

I tried to issue a command suggested in https://video2.skills-academy.com/en-us/azure/virtual-machines/instance-metadata-service?tabs=linux , but the connection failed with a timeout error. Here is the command I used:

curl -v -s -H Metadata:true --noproxy "*" "http://169.254.169.254/metadata/instance?api-version=2021-02-01"

Response received for above command:


*   Trying 169.254.169.254...
*   TCP_NODELAY set
*   connect to 169.254.169.254 port 80 failed: Connection timed out
*   Failed to connect to 169.254.169.254 port 80: Connection timed out
*   Closing connection 0
Azure Container Apps
Azure Container Apps
An Azure service that provides a general-purpose, serverless container platform.
327 questions
0 comments
Accepted answer
  1. Deepanshukatara-6769 7,200 Reputation points
    2024-07-05T10:56:32.7766667+00:00

    Hi,

    As per tests Azure Container apps only supports getting tokens via the IMDS metadata/identity/oauth2/token endpoint. In other words, Instance isn't supported but this is metadata/identity/oauth2/token supported

    So basically command which should work 

    curl -v -s -H Metadata:true http://169.254.169.254/metadata/identity/oauth2/token?resource=https://management.azure.com

    The other endpoint categories return 404 error if Identity is enabled for the container, if Identity is not enabled for the container then connections to IMDS will fail as in your example.

    If you would like to confirm my results, navigate to your container rapps-- Identity blade in the portal, turn on system-assigned managed identity, Save, wait a minute, then repeat test in your container.

    Please click Accept Answer if the above was useful.

    Thanks.

0 additional answers

Sort by: Most helpful
Most helpful Newest Oldest