Open DSOTM-RSA opened 3 weeks ago
This additional env var introduced does not make sense to me. . Better just expect user wants to use same. storage created by bicep for Gen2 as well and therefore use the same env var like exported by bicep for blob storage. This way just loading and env will fulfill the required. What is missing to put this if statement for gen2 to bicep as well instead leave it up to the user to create additional dedicated storage for himself. Why not always use gen2, doesn’t it anyway handle all requirements?
This additional env var introduced does not make sense to me. . Better just expect user wants to use same. storage created by bicep for Gen2 as well and therefore use the same env var like exported by bicep for blob storage. This way just loading and env will fulfill the required. What is missing to put this if statement for gen2 to bicep as well instead leave it up to the user to create additional dedicated storage for himself. Why not always use gen2, doesn’t it anyway handle all requirements?
My primary issue, is having a clear idea of the permissions to deploy additional functionalities in the solution - like the User Data Upload. The general documented solution-permissions suggested by the product developer team meet all my past requirements, but in this case seem to be insufficient. I would just like clarity which permissions I need, rather than attempting ad-hoc to set appropriate permissions.
Thanks, this is good feedback, agreed that the bicep can provision / set permissions on the ADLS Gen 2 storage account
This issue is for a: (mark with an
x
)Minimal steps to reproduce
Any log messages given by the failure
Expected/desired behavior
OS and Version?
azd version?
Versions
Mention any other details that might be useful
MSFT documentation suggests other privileges are needed to deploy Security Groups. Is this the case?
Side-Note: Trying to run the document access control scripts in my typical Dev Container environment fails, with the error '_AZURE_ADLS_GEN2_STORAGEACCOUNT must be set to continue', hence being forced to run it as-is. This despite deploying dozens of successful deployment iterations of the solution, using this and all other environment variables from
.env
in the Dev Container environment.