Hello! Is there a way to authenticate Azure Batch with user subscription mode via Microsoft Entra ID to run it with a nextflow pipeline? The guides I have found are only based on key authentications. Thank you in advance.
Use an Entra ID: Azure Cloud — Nextflow documentation
Two methods:
- Service Principal: From outside of Azure, using ID and secret
- Managed identity (Nextflow edge only): From within Azure, using Azure automation
Perfect! Thank you, Adam. Using the Service Principal works, but we have an other problem. It seems that we can’t use the same nextflow batch config file for a regular Batch Account and the new Batch Account with user subscription mode. We cant create the pools we want. Could you help us with that please? Thanks in advance.
Might be easier to debug if you share the configuration example and the specific error you are seeing. If the service principal you are authenticating as has permissions you should be able to point it at different accounts by changing the azure.batch.accountName
and azure.storage.accountName
config settings.
azure {
activeDirectory {
servicePrincipalId = "$AZURE_SERVICE_PRINCIPAL_ID"
servicePrincipalSecret = "$AZURE_SERVICE_PRINCIPAL_SECRET"
tenantId = "$AZURE_APPLICATION_TENANT_ID"
}
storage {
accountName = "$AZURE_STORAGE_ACCOUNT_NAME_1"
}
batch {
location = "$AZURE_BATCH_ACCOUNT_REGION"
accountName = "$AZURE_BATCH_ACCOUNT_NAME_1"
}
}