Azure Storage Account New Directory Creation issue
I am trying to create a new directory inside the azure storage account that we just created, but facing below issue
Failed to add directory 'member_import'. Error: AuthorizationFailure: This request is not authorized to perform this operation. RequestId:505c00b0-c01f-000a-6096-23ce2b000000 Time:2023-11-30T14:07:56.8235722Z
I am facing similar issue while deleting the blobs but I am able to upload the blob without any issues.
Below are the few config related details,
- This storage account is with Hierarchical namespace - Enabled.
- It is accessible only through Private link. Created Private end point for targeted sub-resource as blob. We use the same config in another subscription, it was working same. But I also tried by updating it to dfs, I am not able to view anything inside container itself with error 'not accessible'.
Update: When I set storage account to enable from all networks, I am able to create directories. But our storage account has to be setup privately.
Please let me know what I am using, what should be updated to make it working.
Thanks!
Initially, I got the same error when I tried to create a directory from the Azure virtual machine with configured target subresource (Blob) private endpoints.
Portal:
This storage account is with Hierarchical namespace - Enabled.
For enabled Hierarchical namespace storage you need to create a private endpoint and configure the target sub-resource with dfs like below:
Portal:
I used the both blob and dfs target sub-resources connected private endpoints with Azure storage.
Portal:
After connecting both private endpoints, I can able to create a directory successfully through the Azure virtual machine via RDP.
Portal:
Reference:
- ADF Out of memory exception
- Azure DevOps pipeline is throwing a "##[error]Project file(s) matching the specified pattern were not found". when publishing my app?
- Microsoft Entra ID: Receiving Old Token Version Despite Setting accessTokenAcceptedVersion to 2
- Rule Syntax for Azure user.memberof
- (unknown) Precondition failed when trying to create MS Graph Subscription
- Azure Function App Service Bus Trigger: Process 1 message at a time
- Azure HTTP Trigger - How to extract query parameter value from input binding- cosmosDB
- Python app deployment to Azure web app from pipeline not including requirement packages
- Force Azure Function using Service Bus Queues to only process one mesage at a time
- Azure Web Role with Transient Fault Handling Block exception: The path is too long after being fully qualified
- Azure Bicep - How to create diagnostic settings for NetworkInterface of private endpoint
- Is there a way to get static ip address for Azure Data Factory
- azure key vault - lag on secret changes
- How to create connection to create - queue item - HTTP Trigger - local - Azurite - Azure Queue Storage
- Getting error "404 The specified blob does not exist" when downlading blob using Uri
- How scopes are added to token in Azure Entra ID?
- Why does my Azure Cosmos DB SQL API Container Refuse Multiple Items With Same Partition Key Value?
- Postgres on Azure kubernetes volume permission error
- Azure: Subscribing to an external MQTT Broker
- azure.storage.blob._shared.authentication.AzureSigningError: Incorrect padding - Argo workflow
- Bash variable in JMESPath query expression
- Azure Devops pipeline failing due to AZ.Accounts Module update by MSFT
- Is it possible to use email name other than "DoNotReply" in Azure Email Communication Services?
- AADSTS65001: The user or administrator has not consented to use the application with ID '<application ID>
- Access Package Endpoint doesn't seem to be working
- install docker bash script doesn't work when used as Custom Data for Azure VM
- Docker image is not updating on Azure container registry via gitlab
- Terraform - How to find Azure Kubernetes AKS vnet ID for network peering
- Using Azure DataLakeServiceClient to download a file got forbidden response after few minutes success
- Verify that Bicep can return values from Azure Key vault