Open ahsonkhan opened 3 months ago
Based on the logs this comes from identity not working, since the other tests pass it seesm the issue is an intermittent one coming out of identity 403 is due to an inability to get a valid token
@gearama, yes the initial attempts to fetch the token failed, but the retry policy kicked in and you can see a successful token fetch at retry attempt 3, down below:
...
2024-07-17T23:21:47.4197145Z 22: [2024-07-17T23:21:47.4181423Z T: 1100] INFO : HTTP status code 200 won't be retried.
2024-07-17T23:21:47.4197870Z 22: [2024-07-17T23:21:47.4182523Z T: 1100] INFO : Identity: DefaultAzureCredential: Successfully got token from ManagedIdentityCredential. This credential will be reused for subsequent calls.
2024-07-17T23:21:47.4198611Z 22: [2024-07-17T23:21:47.4182827Z T: 1100] DEBUG : Identity: DefaultAzureCredential: Saved this credential at index 3 for subsequent calls.
2024-07-17T23:21:47.4199293Z 22: [2024-07-17T23:21:47.4183081Z T: 1100] INFO : Identity: ChainedTokenCredential: Successfully got token from DefaultAzureCredential.
2024-07-17T23:21:47.4200102Z 22: [2024-07-17T23:21:47.4183606Z T: 1100] INFO : HTTP Request : POST ***keys/DoubleDeleteBeforePollComplete/create?api-version=7.5
...
2024-07-17T23:21:47.4514329Z 22: [2024-07-17T23:21:47.4503351Z T: 1100] INFO : HTTP/1.1 Response (31ms) : 403 Forbidden
The 403 then comes when the POST request is made to the keyvault endpoint, and not the identity endpoint.
From https://github.com/Azure/azure-sdk-for-cpp/pull/5814
On:
ValidateLive Win2022_x86_no_rtti_with_unit_test
https://dev.azure.com/azure-sdk/internal/_build/results?buildId=3971287&view=logs&j=2fc98781-9230-5004-8e4b-444d4f6ce9bd&t=3c1f81d9-4b69-5f1f-44df-3f6e046c3c5e