[BUG] ResourceNotFound when retrieving blob container access policy using Visual Studio credential
See original GitHub issueLibrary name and version
Azure.Storage.Blobs 12.11.0
Describe the bug
When retrieving a blob container access policy using Visual Studio credential, the operation fails with Azure.RequestFailedException
(ErrorCode
= ResourceNotFound
) even when the user configured in VS has the following roles configured in the storage account: Owner, Storage Account Contributor, Storage Blob Data Contributor.
The operation succeeds without errors if the same operation is performed by connecting using a connection string instead of TokenCredential
.
Expected behavior
The operation should succeed using a connection string or a token credential (Visual Studio or other).
Actual behavior
See above.
The exception is the following:
The specified resource does not exist.
RequestId:22b082c6-001e-000c-64b6-5bc52b000000
Time:2022-04-29T10:47:45.3254629Z
Status: 404 (The specified resource does not exist.)
ErrorCode: ResourceNotFound
Content:
<?xml version="1.0" encoding="utf-8"?><Error><Code>ResourceNotFound</Code><Message>The specified resource does not exist.
RequestId:22b082c6-001e-000c-64b6-5bc52b000000
Time:2022-04-29T10:47:45.3254629Z</Message></Error>
Headers:
Server: Windows-Azure-Blob/1.0,Microsoft-HTTPAPI/2.0
x-ms-request-id: 22b082c6-001e-000c-64b6-5bc52b000000
x-ms-client-request-id: f3021d93-df6b-4d1e-8bcc-a3ee859e2340
x-ms-version: 2021-04-10
x-ms-error-code: ResourceNotFound
Date: Fri, 29 Apr 2022 10:47:44 GMT
Content-Length: 223
Content-Type: application/xml
The stack trace:
at Azure.Storage.Blobs.ContainerRestClient.<GetAccessPolicyAsync>d__20.MoveNext()
at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw()
at System.Runtime.CompilerServices.TaskAwaiter.ThrowForNonSuccess(Task task)
at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)
at System.Runtime.CompilerServices.ConfiguredTaskAwaitable`1.ConfiguredTaskAwaiter.GetResult()
at Azure.Storage.Blobs.BlobContainerClient.<GetAccessPolicyInternal>d__71.MoveNext()
at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw()
at System.Runtime.CompilerServices.TaskAwaiter.ThrowForNonSuccess(Task task)
at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)
at System.Runtime.CompilerServices.ConfiguredTaskAwaitable`1.ConfiguredTaskAwaiter.GetResult()
at Azure.Storage.Blobs.BlobContainerClient.<GetAccessPolicyAsync>d__70.MoveNext()
at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw()
at System.Runtime.CompilerServices.TaskAwaiter.ThrowForNonSuccess(Task task)
at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)
at System.Runtime.CompilerServices.ConfiguredTaskAwaitable`1.ConfiguredTaskAwaiter.GetResult()
at Primavera.Hydrogen.Storage.Azure.Blobs.AzureContainerReference.<>c__DisplayClass14_0.<<GetPermissionsAsync>b__0>d.MoveNext()
at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw()
at System.Runtime.CompilerServices.TaskAwaiter.ThrowForNonSuccess(Task task)
at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)
at Primavera.Hydrogen.Azure.Client.AzureRequestExceptionsHandler`2.<HandleAsync>d__7`1.MoveNext()
Reproduction Steps
- Configure VS to use Azure Service Authentication.
- Configure access control for the storage account to add the following rules to the user logged in VS: Owner, Storage Account Contributor, Storage Blob Data Contributor.
- Instantiate
BlobContainerClient
using the service URI andChainedTokenCredential
with Visual Studio enabled. - Invoke
GetAccessPolicyAsync()
.
Environment
.NET SDK (reflecting any global.json): Version: 6.0.202 Commit: f8a55617d2
Runtime Environment: OS Name: Windows OS Version: 10.0.19042 OS Platform: Windows RID: win10-x64 Base Path: C:\Program Files\dotnet\sdk\6.0.202\
Host (useful for support): Version: 6.0.4 Commit: be98e88c76
.NET SDKs installed: 2.1.526 [C:\Program Files\dotnet\sdk] 5.0.300 [C:\Program Files\dotnet\sdk] 5.0.405 [C:\Program Files\dotnet\sdk] 6.0.202 [C:\Program Files\dotnet\sdk]
.NET runtimes installed: Microsoft.AspNetCore.All 2.1.28 [C:\Program Files\dotnet\shared\Microsoft.AspNetCore.All] Microsoft.AspNetCore.All 2.1.30 [C:\Program Files\dotnet\shared\Microsoft.AspNetCore.All] Microsoft.AspNetCore.App 2.1.28 [C:\Program Files\dotnet\shared\Microsoft.AspNetCore.App] Microsoft.AspNetCore.App 2.1.30 [C:\Program Files\dotnet\shared\Microsoft.AspNetCore.App] Microsoft.AspNetCore.App 3.1.22 [C:\Program Files\dotnet\shared\Microsoft.AspNetCore.App] Microsoft.AspNetCore.App 3.1.24 [C:\Program Files\dotnet\shared\Microsoft.AspNetCore.App] Microsoft.AspNetCore.App 5.0.4 [C:\Program Files\dotnet\shared\Microsoft.AspNetCore.App] Microsoft.AspNetCore.App 5.0.14 [C:\Program Files\dotnet\shared\Microsoft.AspNetCore.App] Microsoft.AspNetCore.App 5.0.15 [C:\Program Files\dotnet\shared\Microsoft.AspNetCore.App] Microsoft.AspNetCore.App 6.0.4 [C:\Program Files\dotnet\shared\Microsoft.AspNetCore.App] Microsoft.NETCore.App 2.1.26 [C:\Program Files\dotnet\shared\Microsoft.NETCore.App] Microsoft.NETCore.App 2.1.28 [C:\Program Files\dotnet\shared\Microsoft.NETCore.App] Microsoft.NETCore.App 2.1.30 [C:\Program Files\dotnet\shared\Microsoft.NETCore.App] Microsoft.NETCore.App 3.1.22 [C:\Program Files\dotnet\shared\Microsoft.NETCore.App] Microsoft.NETCore.App 3.1.24 [C:\Program Files\dotnet\shared\Microsoft.NETCore.App] Microsoft.NETCore.App 5.0.4 [C:\Program Files\dotnet\shared\Microsoft.NETCore.App] Microsoft.NETCore.App 5.0.14 [C:\Program Files\dotnet\shared\Microsoft.NETCore.App] Microsoft.NETCore.App 5.0.15 [C:\Program Files\dotnet\shared\Microsoft.NETCore.App] Microsoft.NETCore.App 6.0.4 [C:\Program Files\dotnet\shared\Microsoft.NETCore.App] Microsoft.WindowsDesktop.App 3.1.22 [C:\Program Files\dotnet\shared\Microsoft.WindowsDesktop.App] Microsoft.WindowsDesktop.App 3.1.24 [C:\Program Files\dotnet\shared\Microsoft.WindowsDesktop.App] Microsoft.WindowsDesktop.App 5.0.14 [C:\Program Files\dotnet\shared\Microsoft.WindowsDesktop.App] Microsoft.WindowsDesktop.App 6.0.4 [C:\Program Files\dotnet\shared\Microsoft.WindowsDesktop.App]
Issue Analytics
- State:
- Created a year ago
- Comments:6 (3 by maintainers)
Top GitHub Comments
@SaurabhSharma-MSFT, a I said above, everything works fine with connection strings.
This bug (and another similar in the Service Bus library) is preventing us from adopting managed identity and from getting rid of these connection strings (which make it very difficult to control who has access to what information about our clients). GDPR is key here.
PS: Even if reading the container access policy is not supported, at least the error code should be something meaningful and different from when the container does not exist, don’t you agree?
Thanks for the feedback! We are routing this to the appropriate team for follow-up. cc @xgithubtriage.
Issue Details
Library name and version
Azure.Storage.Blobs 12.11.0
Describe the bug
When retrieving a blob container access policy using Visual Studio credential, the operation fails with
Azure.RequestFailedException
(ErrorCode
=ResourceNotFound
) even when the user configured in VS has the following roles configured in the storage account: Owner, Storage Account Contributor, Storage Blob Data Contributor.The operation succeeds without errors if the same operation is performed by connecting using a connection string instead of
TokenCredential
.Expected behavior
The operation should succeed using a connection string or a token credential (Visual Studio or other).
Actual behavior
See above.
The exception is the following:
The stack trace:
Reproduction Steps
BlobContainerClient
using the service URI andChainedTokenCredential
with Visual Studio enabled.GetAccessPolicyAsync()
.Environment
.NET SDK (reflecting any global.json): Version: 6.0.202 Commit: f8a55617d2
Runtime Environment: OS Name: Windows OS Version: 10.0.19042 OS Platform: Windows RID: win10-x64 Base Path: C:\Program Files\dotnet\sdk\6.0.202\
Host (useful for support): Version: 6.0.4 Commit: be98e88c76
.NET SDKs installed: 2.1.526 [C:\Program Files\dotnet\sdk] 5.0.300 [C:\Program Files\dotnet\sdk] 5.0.405 [C:\Program Files\dotnet\sdk] 6.0.202 [C:\Program Files\dotnet\sdk]
.NET runtimes installed: Microsoft.AspNetCore.All 2.1.28 [C:\Program Files\dotnet\shared\Microsoft.AspNetCore.All] Microsoft.AspNetCore.All 2.1.30 [C:\Program Files\dotnet\shared\Microsoft.AspNetCore.All] Microsoft.AspNetCore.App 2.1.28 [C:\Program Files\dotnet\shared\Microsoft.AspNetCore.App] Microsoft.AspNetCore.App 2.1.30 [C:\Program Files\dotnet\shared\Microsoft.AspNetCore.App] Microsoft.AspNetCore.App 3.1.22 [C:\Program Files\dotnet\shared\Microsoft.AspNetCore.App] Microsoft.AspNetCore.App 3.1.24 [C:\Program Files\dotnet\shared\Microsoft.AspNetCore.App] Microsoft.AspNetCore.App 5.0.4 [C:\Program Files\dotnet\shared\Microsoft.AspNetCore.App] Microsoft.AspNetCore.App 5.0.14 [C:\Program Files\dotnet\shared\Microsoft.AspNetCore.App] Microsoft.AspNetCore.App 5.0.15 [C:\Program Files\dotnet\shared\Microsoft.AspNetCore.App] Microsoft.AspNetCore.App 6.0.4 [C:\Program Files\dotnet\shared\Microsoft.AspNetCore.App] Microsoft.NETCore.App 2.1.26 [C:\Program Files\dotnet\shared\Microsoft.NETCore.App] Microsoft.NETCore.App 2.1.28 [C:\Program Files\dotnet\shared\Microsoft.NETCore.App] Microsoft.NETCore.App 2.1.30 [C:\Program Files\dotnet\shared\Microsoft.NETCore.App] Microsoft.NETCore.App 3.1.22 [C:\Program Files\dotnet\shared\Microsoft.NETCore.App] Microsoft.NETCore.App 3.1.24 [C:\Program Files\dotnet\shared\Microsoft.NETCore.App] Microsoft.NETCore.App 5.0.4 [C:\Program Files\dotnet\shared\Microsoft.NETCore.App] Microsoft.NETCore.App 5.0.14 [C:\Program Files\dotnet\shared\Microsoft.NETCore.App] Microsoft.NETCore.App 5.0.15 [C:\Program Files\dotnet\shared\Microsoft.NETCore.App] Microsoft.NETCore.App 6.0.4 [C:\Program Files\dotnet\shared\Microsoft.NETCore.App] Microsoft.WindowsDesktop.App 3.1.22 [C:\Program Files\dotnet\shared\Microsoft.WindowsDesktop.App] Microsoft.WindowsDesktop.App 3.1.24 [C:\Program Files\dotnet\shared\Microsoft.WindowsDesktop.App] Microsoft.WindowsDesktop.App 5.0.14 [C:\Program Files\dotnet\shared\Microsoft.WindowsDesktop.App] Microsoft.WindowsDesktop.App 6.0.4 [C:\Program Files\dotnet\shared\Microsoft.WindowsDesktop.App]
Storage
,Service Attention
,Client
,customer-reported
,question
,needs-team-attention