Open jaylevin opened 2 months ago
Hi @jaylevin,
Thank you for raising this issue. I can reproduce this issue in provider v1.1.0
with the information given.
message: |-
observe failed: failed to observe the resource: [{0 retrieving queue properties for Storage Account (Subscription: "038f2b7c-3265-43b8-8624-c9ad5da610a8"
Resource Group Name: "fatihtestrg"
Storage Account Name: "aluexample"): queues.Client#GetServiceProperties: Failure responding to request: StatusCode=403 -- Original Error: autorest/azure: Service returned an error. Status=403 Code="AuthenticationFailed" Message="Server failed to authenticate the request. Make sure the value of Authorization header is formed correctly including the signature.\nRequestId:4e08fd4c-6003-006b-309c-a3fa3e000000\nTime:2024-05-11T12:10:27.8970415Z" []}]
Is there an existing issue for this?
Affected Resource(s)
storage.azure.upbound.io/v1beta1 - Account
Resource MRs required to reproduce the bug
Steps to Reproduce
Account
MR.What happened?
Expected: The provider should reconcile the Storage Account's connection secret and update it with the new value that was generated via Azure Portal.
Observed: The
Account
MR becomes unsynced, and the azure-storage provider fails to observe the external resource due to 403 error below.Relevant Error Output Snippet
Crossplane Version
1.15.1
Provider Version
azure-family: v0.42.0, azure-storage: v1.0.1
Kubernetes Version
1.26
Kubernetes Distribution
No response
Additional Info
Restarting the
azure-storage
pod fixes the issue almost immediately and the MR becomes synced and ready. The connection secretredis-connection-secret
is reconciled with the new credentials as expected.