log warning for users trying to access cloud shell using user assigne…

…d identity

sdk/identity/identity/src/credentials/managedIdentityCredential/cloudShellMsi.ts

@@ -53,14 +53,21 @@ function prepareRequestOptions(
 
 /**
  * Defines how to determine whether the Azure Cloud Shell MSI is available, and also how to retrieve a token from the Azure Cloud Shell MSI.
+ * Since Azure Managed Identities aren't available in the Azure Cloud Shell, we log a warning for users that try to access cloud shell using user assigned identity.
  */
 export const cloudShellMsi: MSI = {
-  async isAvailable(scopes): Promise<boolean> {
+  async isAvailable(scopes, _identityClient, clientId): Promise<boolean> {
     const resource = mapScopesToResource(scopes);
     if (!resource) {
       logger.info(`${msiName}: Unavailable. Multiple scopes are not supported.`);
       return false;
     }
+    if (clientId) {
+      logger.warning(
+        `${msiName}: Unavailable. Azure Managed Identities aren't available in the Azure Cloud Shell.`
+      );
+      return false;
+    }
     const result = Boolean(process.env.MSI_ENDPOINT);
     if (!result) {
       logger.info(`${msiName}: Unavailable. The environment variable MSI_ENDPOINT is needed.`);

sdk/identity/identity/src/util/logging.ts

@@ -69,6 +69,7 @@ export interface CredentialLoggerInstance {
   title: string;
   fullTitle: string;
   info(message: string): void;
+  warning(message: string): void;
   /**
    * The logging functions for warning and error are intentionally left out, since we want the identity logging to be at the info level.
    * Otherwise, they would look like:
@@ -97,10 +98,14 @@ export function credentialLoggerInstance(
     log.info(`${fullTitle} =>`, message);
   }
 
+  function warning(message: string): void {
+    log.warning(`${fullTitle} =>`, message);
+  }
   return {
     title,
     fullTitle,
     info,
+    warning,
   };
 }