Azure Blob Storage Shared Access Signature (SAS) does not work

[marcino239]

Describe the bug
When using Azure Blob SAS token instead of Account Key, Loki throws this error:

illegal base64 data at input byte 0
error initialising module: table-manager
github.com/cortexproject/cortex/pkg/util/modules.(*Manager).initModule
/src/loki/vendor/github.com/cortexproject/cortex/pkg/util/modules/modules.go:105

To Reproduce
Steps to reproduce the behavior:

1. Started Loki grafana/loki:2.1.0
2. Started Promtail (SHA or version) grafana/promtail:2.1.0

Expected behavior
Loki should accept SAS token

Environment:
Kubernetes 1.16.13
Helm 3.5.1

Loki works with Azure Blob Account Keys, but they are not recommended due to very wide permissions

[stale]

This issue has been automatically marked as stale because it has not had any activity in the past 30 days. It will be closed in 7 days if no further activity occurs. Thank you for your contributions.

[racrocri]

Hi, just here to add my voice to the fact that this is indeed an anticipated feature !
I am working with an Azure reseller that only allows Shared Access Signatures and I am therefore unable to use Loki in that context.

Is there any way to help move this forward ?

[nholik]

Is there any way to help move this forward ?

This thanos-io/objstore#52 would need to move forward first, then I could submit a PR for loki to utilize it. It is a niche use case, but adding to the discussion on the issue and PR could help move it forward.