Share via

Event Subscription with System Topic parent for Private Storage Account fails

LaurentG 20 Reputation points
2023-06-01T11:08:53.8866667+00:00

It was working with a public Storage Account, but now that the Storage Account is private the deployment of the event subscription (StorageAccount:Queue -> System Topic) is failing with "Internal Error".

Could you please follow up on this: e20ce182-4c43-4850-bf57-f7d593708496:6/1/2023 10:58:09 AM (UTC)

User's image

Azure Storage Accounts
Azure Storage Accounts
Globally unique resources that provide access to data management services and serve as the parent namespace for the services.
3,515 questions
Azure Event Grid
Azure Event Grid
An Azure event routing service designed for high availability, consistent performance, and dynamic scale.
448 questions
0 comments
Accepted answer
  1. Sumarigo-MSFT 47,466 Reputation points Microsoft Employee Moderator
    2023-06-19T08:50:25.91+00:00

    @LaurentG I'm glad that you were able to resolve your issue and thank you for posting your solution so that others experiencing the same thing can easily reference this! Since the Microsoft Q&A community has a policy that "The question author cannot accept their own answer. They can only accept answers by others ", I'll repost your solution in case you'd like to "Accept " the answer.

    Issue: Event Subscription with System Topic parent for Private Storage Account fails

    Solution: In the Storage Account Networking set "Public Network Access" to "Enabled from selected virtual networks and IP addresses" and then choose "Resource instances" and set the "Microsoft.EventGrid/topics" Instance and then the deployment worked successfully!

    Please remember to "Accept Answer" if any answer/reply helped, so that others in the community facing similar issues can easily find the solution.

    0 comments

2 additional answers

Sort by: Most helpful
Most helpful Newest Oldest
  1. Konstantinos Passadis 19,571 Reputation points MVP
    2023-06-01T11:21:53.4+00:00

    Hello @LaurentG !

    Welcome to Microsoft QnA!

    I see you are having trouble wit a storage Account , connecting from Event Hub since you changed to Private Access

    User's image

    Have you checked the Access Control on the blob ?

    Go to :

    User's image

    Also go here https://learn.microsoft.com/en-us/azure/storage/blobs/anonymous-read-access-configure?tabs=portal

    and have a look on the different levels for a better understanding!

    I hope this helps!

    Kindly mark the answer as Accepted and Upvote in case it helped!

    Regards

  2. Konstantinos Passadis 19,571 Reputation points MVP
    2023-06-01T11:39:29.7133333+00:00

    Hello @Graebner, Laurent !

    Thank you for the info

    Please add the role

    Storage Queue Data Contributor OR Storage Account Contributor OR Storage Blob Data Contributor

    These roles are having the effect required , and supersede the simple Subscription level role

    You can try all of them and then remove the ones you do not need , after testing

    I hope this helps!

    Kindly mark the answer as Accepted and Upvote in case it helped!

    Regards

Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.