Azure Storage Accounts
Globally unique resources that provide access to data management services and serve as the parent namespace for the services.
2,687 questions
Azure blob services - AuthorizationFailed - /Microsoft.Storage/storageAccounts/<ACCOUNT_NAME>/blobServices/default - JAVA sdk
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(211.20000000000002, 85%, 30%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ESA%3C/text%3E%3C/svg%3E)
Syedyasiraswath ASKAR BASHA (Ash)
1
Reputation point
I am trying to obtain the "Versioning" status of my Storage account using azure-sdk-for-java
// Azure environment URL is ".core.windows.net" hence used "AzureEnvironment.AZURE"
// this.clientSecretCredential ->is built using AZURE_CLIENT_ID, AZURE_CLIENT_SECRET, AZURE_TENANT_ID
AzureProfile profile = new AzureProfile("<TENANT_ID", "<SUBSCRIPTION_ID>", AzureEnvironment.AZURE);
StorageManager manager = StorageManager.authenticate(this.clientSecretCredential, profile);
BlobServicesClient blobServicesClient = manager.serviceClient().getBlobServices();
// Exception is thrown at the following line
BlobServicePropertiesInner blobServicePropertiesInner = blobServicesClient.getServiceProperties("<RESOURCE_GROUP_NAME>", "<ACCOUNT_NAME>");
boolean versionFlag = blobServicePropertiesInner.isVersioningEnabled();
Azure configuration details:
- Subscrition: "<SUBSCRIPTION_ID>" is created in the subscriptions.
- Resource Group: "<RESOURCE_GROUP_NAME>" is configured with the "<SUBSCRIPTION_ID>".
- Storage Accouunt: "<ACCOUNT_NAME>" is configured with the "<SUBSCRIPTION_ID>".
- App Registartion: "<APP_REGISTARTION>" is created to provide the "<AZURE_CLIENT_ID>", "<AZURE_CLIENT_SECRET>", "<AZURE_TENANT_ID>"
- Role Assignments: "DEVELOPER" has "Reader" access across subscriptions, resource groups, storage accounts but still I still have no idea on how the App registration is configured into the subscription
Error Message:
{
"code": "ERROR",
"message": "Status code 403, \"{\"error\":{\"code\":\"AuthorizationFailed\",\"message\":\"The client '<APP_REGISTARTION_OBJECT_ID>' with object id '<APP_REGISTARTION_OBJECT_ID>' does not have authorization to perform action 'Microsoft.Storage/storageAccounts/blobServices/read' over scope '/subscriptions/{"<SUBSCRIPTION_ID>"}/resourceGroups/Titaniam-Sandbox/providers/Microsoft.Storage/storageAccounts/sandboxtestaccount/blobServices/default' or the scope is invalid. If access was recently granted, please refresh your credentials.\"}}\""
}
Kinldy let me know what is the mistake i am making whether it is a code issue or configuration issue.
Things i am need of clarification:
- Is there any other way to get the "is Versioning enabled" value using azure-sdk-for-java?
- How App registration is connected with subscription.
- How are roles connected with App registration as well as subscription.
- How to set the scope
- How to add the application and how to identify the application.
Thanks in advance.
{count} votes
-
Sumarigo-MSFT 43,641 Reputation points Microsoft Employee2022-09-15T05:44:51.097+00:00 @Syedyasiraswath ASKAR BASHA (Ash) Apologies for the delay response! I am checking on this thread!
-
Syedyasiraswath ASKAR BASHA (Ash) 1 Reputation point
2022-09-15T06:08:56.857+00:00 Thank you @Sumarigo-MSFT for the response. Kindly assist me in the earliest
Sign in to comment