Open cbn-targit opened 1 month ago
mateuszkumpf
commented
1 month ago This is something we had in the project. Unfortunately the library from Microsoft does not support the option to create a database, create or change a container etc. when authenticating with TokenCredential.
IEvangelist
commented
1 month ago This is something we had in the project. Unfortunately the library from Microsoft does not support the option to create a database, create or change a container etc. when authenticating with TokenCredential.
If that is the case, then I don't think we could get it to work either. We're just a wrapper around their existing SDK, exposing DI hooks for our IRepository<TItem> interface.
Describe the bug When trying to options.TokenCredential using ChainedTokenCredential from Azure.Identity, if i have IsAutoResourceCreationIfNotExistsEnabled=true and have to setup a collection, i get permission error. I've tried searching for the permission needed, but cannot figure out if the issue is on my end or theres an actual bug
To Reproduce Use Azure.Identity for TokenCredential, set IsAutoResourceCreationIfNotExistsEnabled to true, try do do an operation on a collection that does not exist
Expected behavior The needed resource is created
Actual behavior I following error: Failed to get container with error Response status code does not indicate success: Forbidden (403); Substatus: 5300; ActivityId: {guid}; Reason: (Request blocked by Auth {Cosmos Account Name} : The given request [POST /dbs/{DatabaseName}/colls] cannot be authorized by AAD token in data plane
Environment summary SDK Version: 8.1.7
OS Version (e.g. Windows, Linux, MacOSX) Windows/Linux
Additional context If i try to create the resource using AzureResourceManager, it works