Can't create a file share in a storage account while deploying Logic App from the Portal
I am getting the below error while creating a Logic App from the portal.
"Creation of storage file share failed with: 'The remote server returned an error: (403) Forbidden.'. Please check if the storage account is accessible."
While selecting the initial Logic App configuration, I am selecting an existing storage account, which should allow accesses from azure trusted services (configuration below).
This will fail if there are private endpoints defined in the storage account (like in the images below), but also without defining private endpoints. And since the "Allow Azure trusted services" setting is turned on, I believe these shouldn't disallow public traffic, and trusted services should be able to communicate with the storage account via the Azure backbone. Right?
But assuming that Azure Resource Manager is not a trusted Azure service, I whitelisted the Azure Resource Manager IP addresses, and the outcome was still the same.
Any idea what might be the issue(s) here?
It seems not to be possible to deploy a Standard Logic App from the portal, if the targeted storage account will be hidden behind a firewall. The workaround is to deploy the Standard Logic app via ARM template. What will happen is that first the Storage account & File share will be created, and and then the firewall will be enabled on it.
The resources will be created in the following order:
Storage account which denies the public traffic.
VNET and Subnets.
Private DNS Zones and Private Endpoints for blob, file, queue, and table services.
File Share (Logicapp App settings requires a file share to create the host runtime directories and files).
App Service Plan (Workflow standard -WS1) to host Standard Logic App resources.
Standard Logic App, and set network config with the VNET integration (to connect to storage account on private endpoints).
More information here.
- How to get PublisherId, OfferId , PlanId of AI foundry model?
- How to run yaml file from Azure cloud shell
- query_parameters with web queries
- Issue with azure web app runtime stack .NET 6
- Azure Maps Forward Geocoding and Route Matrix API - billing and cost perspective
- How to get a list of available vm sizes in an azure location
- SSL Verification failed while sending data via MQTT to x509 authenticated device in azure iot-hub
- Azure Container Apps Jobs with Event Hubs integration is looping endlessly, even though there is no new events
- In Service Fabric, can I alter the Arguments in the ServiceManifest.xml file using Application Parameters?
- use azurerm_virtual_machine with trusted_launch
- Which IPs to allow in Azure for Github Actions?
- How to get last login date & time for the logged in user in azure ad?
- Azure Policy - restrict creation of Front Door to Standard SKU Only
- Set-AzVirtualNetwork does not attach Nat Gateway to a subnet in Azure
- Signing an msi with AzureSignTool seems to work but "it is not in the Trusted Root Certification Authorities store."
- No such host is known - Mass Transit - Azure Service Bus
- Set default app pool recycling via command line
- Azure : How to create a event based trigger from SFTP server?
- Create a new cluster in Databricks using databricks-cli
- Accessing MS 365 content dynamically from a Python script
- Azure LogicApp reading messages from storage queue but not processing
- Azure python sdk resourcegraph no skip_token
- How can I copy the TXT record into the DNS configuration in portal azure?
- Getting the user's AcccountEnabled property true/false instead of NULL
- How to read my outlook mail using java and oauth2.0 with application regsitration in Azure AD
- Playwright driver not found error in Azure Function (Azure Portal - Flex consumption plan)
- Microsoft Azure App Gateway Returning 499/504 Erorr
- No such file or directory: '/home/vsts/work/_temp/.azclitask/bin/bicep' when doing az deployment mg in an Azure DevOps pipeline
- Azure Functions Service Bus Triggered not working
- Allow a custom content-type in Azure Front Door WAF without bypassing rules