Azcopy 409 Public access is not permitted on this storage account

Question

I try to copy file from Linux virtual machine on Azure (in a virtual network) to an account storage. With Azcopy login It's working but I want to make it with SAS token. I add my virtual network in "Networking". image And I generate a SAS key in "Shared acces signature" image On my linux virtual machine I have 10.0.3.4

Accepted Answer

From the logs I could see the SAS token you are using is incorrect. In your image its only sp=r in SAS token , whereas it should be something like this in the image if you are generating the SAS token as you have mentioned.I tested the same in my environment , added firewall in Storage account like :Using the generated SAS token as you have mentioned , the operation get successful using the below command :./azcopy copy "/home/ansuman/azcopy_linux_amd64_10.13.0/NOTICE.txt" "https://testansumansa123.blob.core.windows.net/backup?sv=2020-08-04&ss=bfqt&srt=sco&sp=rwdlacupitfx&se=2022-01-27T15:18:31Z&st=2022-01-27T07:18:31Z&spr=https&sig=XXXXXX"Which is in format of./azcopy copy "SourcePath" "storageaccounturl/container<SASToken>"As you can see if SAS is generated by the method in your image then it will have permissions as sp=rwdlacupitfx which is all permissions in the Storage account.To resolve the issue , Please check the SAS token you are using .If you are generating from Storage account like you have shown in image then you can use the SAS token by appending it behind your storage account url/container.If you are generating the SAS token from inside the container , Please make sure to have selected the necessary permissions from the drop down as shown below and then you can use the Blob SAS URl :

Advertisement

Answer