Attribute error on container site start when using Cosmos Managed Identity #536
Description
When I configure the App Service to use the Cosmos DB Managed Identity instead of the key, I get the error "Container didn't respond to HTTP pings on port: 5000. Failing site start."
In the container logs, I see the error:
Traceback (most recent call last):
File "/app/app.py", line 2, in
from config import *
File "/app/config.py", line 163, in
cosmos_client = CosmosClient(cosmos_endpoint, credential=DefaultAzureCredential())
File "/app/venv/lib/python3.13/site-packages/azure/cosmos/cosmos_client.py", line 178, in__init__
self.client_connection = CosmosClientConnection(
url, auth=auth, consistency_level=consistency_level, connection_policy=connection_policy, **kwargs
)
File "/app/venv/lib/python3.13/site-packages/azure/cosmos/_cosmos_client_connection.py", line 230, in set_client_consistency_level
user_consistency_policy = database_account.ConsistencyPolicy
AttributeError: 'NoneType' object has no attribute 'ConsistencyPolicy'
To configure the App Service to use the Cosmos DB Managed Identity:
-Set App Service Environment variable AZURE_COSMOS_AUTHENTICATION_TYPE=managed_identity
-Remove App Service Environment variable AZURE_COSMOS_KEY
-Grant App Service User Assigned Managed Identity the role [Cosmos DB Built-in Data Contributor] on Cosmos DB
I am also using custom endpoints:
-Set App Service Environment variable AZURE_COSMOS_ENDPOINT=https://.documents.azure.:443/
-Set App Service Environment variable CUSTOM_IDENTITY_URL_VALUE=https://login.microsoftonline.
-Set App Service Environment variable CUSTOM_ISSUER_URL_ENDPOINT_VALUE=https://sts.microsoftonline.
Switching back to Cosmos DB key authentication does not generate this error.