-
What Grafana version and what operating system are you using?
Grafana v12.0.0, Windows -
What are you trying to achieve?
Setting up workload identity configuration to access cross tenant azure monitor metrics. -
How are you trying to achieve it?
Enable the Workload Identity configuration in custom.ini -
What happened?
The configuration only works if the ‘workload_identity_token_file’ is specified. Otherwise the authentication for Azure Monitor data source fails. -
What did you expect to happen?
Grafana should dynamically query the token instead of the dedicated token file as the token expires and need to update the file. -
Can you copy/paste the configuration(s) that you are having problems with?
[azure]
workload_identity_enabled = true
workload_identity_tenant_id = <IDENTITY_TENANT_ID> # Microsoft Entra ID tenant containing the managed identity
workload_identity_client_id = <IDENTITY_CLIENT_ID> # Client ID if different from default
workload_identity_token_file = <TOKEN_FILE_PATH> # Path to the token file -
Did you receive any errors in the Grafana UI or in related logs? If so, please tell us exactly what they were.
If the config ‘workload_identity_token_file‘ is not provided then following error is displayed in the Azure monitor data source
unexpected error: Get “``https://management.azure.com/subscriptions?api-version=2019-03-01``”: failed to retrieve Azure access token: no token file specified. Check pod configuration or set TokenFilePath in the options -
Did you follow any online instructions? If so, what is the URL?
Configure the Azure Monitor data source | Grafana documentation
