I am using Liquibase 4.32 for Azure SQL database deployment. I want to use user-assigned managed identities for deployment rather than specifying the username and password. For that, I followed this documentation. It says I need to have the liquibase-azure-deps-4.32.0.jar for the managed identities to work with Liquibase. So I added it and ran the following command.
liquibase --changeLogFile=changelog.xml --url="jdbc:sqlserver://<dbserver>.database.windows.net:1433;database=<db>;user=<managed-identity-id>;Authentication=ActiveDirectoryManagedIdentity" update
But this command is throwing me below error.
Unexpected error running Liquibase: Managed Identity authentication is not available.
Caused by: Cannot construct instance of `com.microsoft.aad.msal4j.ManagedIdentityErrorResponse$ErrorField` (although at least one Creator exists): no String-argument constructor/factory method to deserialize from String value ('invalid_resource')
at [Source: REDACTED (`StreamReadFeature.INCLUDE_SOURCE_IN_LOCATION` disabled); line: 1, column: 10] (through reference chain: com.microsoft.aad.msal4j.ManagedIdentityErrorResponse["error"])
I am unsure of what I am doing wrong. I can get the token successfully using the command below.
curl "http://169.254.169.254/metadata/identity/oauth2/token?api-version=2018-02-01&resource=https://database.windows.net/&client_id=12345678-aaaa-bbbb-cccc-ddddeeeeffff" \
-H "Metadata: true"
If someone has faced this issue before. Please let me know what is wrong here so that I can fix it.
