无法从本地环境将Blob存储上传/下载到容器 [英] Unable to upload/download blob storage to container from local environment
问题描述
我有一个退出功能的应用程序,该应用程序具有从sftp下载文件,处理文件并将文件上传到blob存储的功能.此功能应用已在天蓝色部署并且可以正常工作.但是,当我从Visual Studio(本地)运行相同的文件时,将文件上传到Blob存储时会出错.
I have an exiting functions app that has the functionality to download a file from sftp, process the file and upload file to blob storage. This functions app is already deployed in azure and working properly. However, when I run the same thing from visual studio (local) I get error at uploading file to blob storage.
Microsoft.Azure.Storage.StorageException:无权使用此权限执行此操作.
Microsoft.Azure.Storage.StorageException: This request is not authorized to perform this operation using this permission.
我确保此应用在存储帐户中分配了必要的贡献者角色(这就是为什么它从azure开始工作的原因).我是否需要在本地设置或项目设置中配置其他设置,才能使这些功能像部署到天蓝色时一样工作?还是存储帐户中有任何设置可以覆盖从开发人员运行但仅从天蓝色运行时执行上传操作的要求?
I made sure this app has the necessary contributor role assigned in a storage account (thats why its working from azure). Are there any other settings I need to configure in local settings or project settings for these functions to work same like when they are deployed to azure? Or could there be any settings in storage account that is overriding to perform upload operation when run from dev but run only from azure?
我确保我使用的本地设置是从具有存储帐户名称,blob存储的连接字符串,sftp url和具有sft站点详细信息的密钥库名称的应用程序配置中复制的,
I made sure I use local settings have all are copied from app configuration which has storage account names, connection string of blob storage, sftp url, and key vault name which has credetails of sft site etc.,
更新: 忘了提到从我的计算机上载命令行成功从命令行上传az存储容器上载命令.
Update: Forgot to mention that az storage container upload command from command-line from my machine uploaded file successfully.
更新2: 按照我的建议,我已经按照教程,我就能够成功创建容器,上传blob并进行清理而没有错误. 然后,我将代码合并以将简单的下载blob模拟到内存流中,这也会引发错误
update2: As per suggested by I have followed the tutorial and I was successfully able to create the container, upload blob and do cleanup without errors. Then I consolidated code to simulate simple download blob into memory stream which is also throwing error
此请求无权使用此命令执行此操作 允许 (请参阅底部的完整日志)
This request is not authorized to perform this operation using this permission (see full log in the bottom)
下载Blob的代码:
static async Task TokenCredentialsSample()
{
var tenantId = "xxxxx-xxxx-xxxx-xxxx-xxxxxxxx";
var tokenProvider = new AzureServiceTokenProvider().GetAccessTokenAsync("https://storage.azure.com/",tenantId);
var tokenCredential = new TokenCredential(tokenProvider.Result);
var storageCredentials = new StorageCredentials(tokenCredential);
var uri = new Uri("https://mystorageaccount.blob.core.windows.net/mycontainer/inbound/myfile.csv");
var cloudBlockBlob = new CloudBlockBlob(uri, storageCredentials);
var memoryStream = new MemoryStream();
cloudBlockBlob.DownloadToStream(memoryStream); // Error here
memoryStream.Position = 0;
memoryStream.Close();
}
我还确保我从命令行键入az登录以切换以选择正确的订阅,并且在Visual Studio选项中也选择了该帐户.
I have also made sure I typed az login from command-line to switch to select correct subscription and also the account is selected in visual studio options.
错误日志:
Microsoft.Azure.Storage.StorageException
HResult = 0x80131500
Message =此请求无权使用此权限执行此操作.
源= Microsoft.Azure.Storage.Common
堆栈跟踪:
在Microsoft.Azure.Storage.Core.Executor.Executor.d__1 1.MoveNext()
at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw()
at System.Runtime.CompilerServices.TaskAwaiter.ThrowForNonSuccess(Task task)
at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)
at System.Runtime.CompilerServices.TaskAwaiter 1.GetResult()
at Microsoft.Azure.Storage.Core.Executor.Executor.<> c__DisplayClass0_0 1.<ExecuteSync>b__0()
at Microsoft.Azure.Storage.Core.Util.CommonUtility.RunWithoutSynchronizationContext[T](Func 1 actionToRun)
在Microsoft.Azure.Storage.Core.Executor.Executor.ExecuteSync [T](RESTCommand 1 cmd, IRetryPolicy policy, OperationContext operationContext)
at Microsoft.Azure.Storage.Blob.CloudBlob.DownloadRangeToStream(Stream target, Nullable 1偏移量,可空1的长度,AccessCondition accessCondition,BlobRequestOptions选项,OperationContext operationContext)
在Microsoft.Azure.Storage.Blob.CloudBlob.DownloadToStream(流目标,AccessCondition accessCondition,BlobRequestOptions选项,OperationContext operationContext)
在C:... \ source \ repos \ BlobStorage \ Program.cs:line 111中的BlobStorage.Program.d__2.MoveNext()
在System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw()
在System.Runtime.CompilerServices.TaskAwaiter.ThrowForNonSuccess(任务任务)
在System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(任务任务)
在System.Runtime.CompilerServices.TaskAwaiter.GetResult()
在C:... \ source \ repos \ BlobStorage \ Program.cs:line 19中的BlobStorage.Program.d__0.MoveNext()中
Microsoft.Azure.Storage.StorageException
HResult=0x80131500
Message=This request is not authorized to perform this operation using this permission.
Source=Microsoft.Azure.Storage.Common
StackTrace:
at Microsoft.Azure.Storage.Core.Executor.Executor.d__11.MoveNext()
at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw()
at System.Runtime.CompilerServices.TaskAwaiter.ThrowForNonSuccess(Task task)
at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)
at System.Runtime.CompilerServices.TaskAwaiter1.GetResult()
at Microsoft.Azure.Storage.Core.Executor.Executor.<>c__DisplayClass0_01.<ExecuteSync>b__0()
at Microsoft.Azure.Storage.Core.Util.CommonUtility.RunWithoutSynchronizationContext[T](Func1 actionToRun)
at Microsoft.Azure.Storage.Core.Executor.Executor.ExecuteSync[T](RESTCommand1 cmd, IRetryPolicy policy, OperationContext operationContext)
at Microsoft.Azure.Storage.Blob.CloudBlob.DownloadRangeToStream(Stream target, Nullable1 offset, Nullable`1 length, AccessCondition accessCondition, BlobRequestOptions options, OperationContext operationContext)
at Microsoft.Azure.Storage.Blob.CloudBlob.DownloadToStream(Stream target, AccessCondition accessCondition, BlobRequestOptions options, OperationContext operationContext)
at BlobStorage.Program.d__2.MoveNext() in c:...\source\repos\BlobStorage\Program.cs:line 111
at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw()
at System.Runtime.CompilerServices.TaskAwaiter.ThrowForNonSuccess(Task task)
at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)
at System.Runtime.CompilerServices.TaskAwaiter.GetResult()
at BlobStorage.Program.d__0.MoveNext() in c:...\source\repos\BlobStorage\Program.cs:line 19
此异常最初是在此调用堆栈上抛出的: Microsoft.Azure.Storage.Core.Executor.Executor.ExecuteAsync(Microsoft.Azure.Storage.Core.Executor.RESTCommand,Microsoft.Azure.Storage.RetryPolicies.IRetryPolicy,Microsoft.Azure.Storage.OperationContext,System.Threading.CancellationToken) System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw() System.Runtime.CompilerServices.TaskAwaiter.ThrowForNonSuccess(System.Threading.Tasks.Task) System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(System.Threading.Tasks.Task) System.Runtime.CompilerServices.TaskAwaiter.GetResult() Microsoft.Azure.Storage.Core.Executor.Executor.ExecuteSync.AnonymousMethod__0() Microsoft.Azure.Storage.Core.Util.CommonUtility.RunWithoutSynchronizationContext(System.Func) Microsoft.Azure.Storage.Core.Executor.Executor.ExecuteSync(Microsoft.Azure.Storage.Core.Executor.RESTCommand,Microsoft.Azure.Storage.RetryPolicies.IRetryPolicy,Microsoft.Azure.Storage.OperationContext) Microsoft.Azure.Storage.Blob.CloudBlob.DownloadRangeToStream(System.IO.Stream,long ?, long ?, Microsoft.Azure.Storage.AccessCondition,Microsoft.Azure.Storage.Blob.BlobRequestOptions,Microsoft.Azure.Storage.OperationContext) Microsoft.Azure.Storage.Blob.CloudBlob.DownloadToStream(System.IO.Stream,Microsoft.Azure.Storage.AccessCondition,Microsoft.Azure.Storage.Blob.BlobRequestOptions,Microsoft.Azure.Storage.OperationContext) ... [通话堆栈被截断]
This exception was originally thrown at this call stack: Microsoft.Azure.Storage.Core.Executor.Executor.ExecuteAsync(Microsoft.Azure.Storage.Core.Executor.RESTCommand, Microsoft.Azure.Storage.RetryPolicies.IRetryPolicy, Microsoft.Azure.Storage.OperationContext, System.Threading.CancellationToken) System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw() System.Runtime.CompilerServices.TaskAwaiter.ThrowForNonSuccess(System.Threading.Tasks.Task) System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(System.Threading.Tasks.Task) System.Runtime.CompilerServices.TaskAwaiter.GetResult() Microsoft.Azure.Storage.Core.Executor.Executor.ExecuteSync.AnonymousMethod__0() Microsoft.Azure.Storage.Core.Util.CommonUtility.RunWithoutSynchronizationContext(System.Func) Microsoft.Azure.Storage.Core.Executor.Executor.ExecuteSync(Microsoft.Azure.Storage.Core.Executor.RESTCommand, Microsoft.Azure.Storage.RetryPolicies.IRetryPolicy, Microsoft.Azure.Storage.OperationContext) Microsoft.Azure.Storage.Blob.CloudBlob.DownloadRangeToStream(System.IO.Stream, long?, long?, Microsoft.Azure.Storage.AccessCondition, Microsoft.Azure.Storage.Blob.BlobRequestOptions, Microsoft.Azure.Storage.OperationContext) Microsoft.Azure.Storage.Blob.CloudBlob.DownloadToStream(System.IO.Stream, Microsoft.Azure.Storage.AccessCondition, Microsoft.Azure.Storage.Blob.BlobRequestOptions, Microsoft.Azure.Storage.OperationContext) ... [Call Stack Truncated]
推荐答案
确定.我找到了解决方法.
OK. I found the solution.
我发现本文在注释中明确指出,必须具有数据读取器或数据贡献者角色!没有任何MS文档,例如此没有像本文一样强调其他角色(数据读取器/数据贡献者)的重要性.
I found this article which clearly stated in the note that Data Reader or Data Contributor role is a must! None of the MS documents such as this did not highlight the importance of additional role (Data Reader/Data Contributor) like the article did.
请注意,您的用户是以下用户的所有者/贡献者,这是不够的 订阅/资源组/存储帐户.用户必须是 分配给数据读取器或数据贡献者角色以访问 使用Azure AD身份验证进行数据.
Note that it is not enough that your user is an Owner/Contributor on the subscription/resource group/Storage account. The user must be assigned to a Data Reader or Data Contributor role to get access to the data using Azure AD authentication.
我们认为贡献者足够,但还不够.
We assumed contributor was enough but it is not.
这篇关于无法从本地环境将Blob存储上传/下载到容器的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
