crossplane-contrib / provider-upjet-azure

Azure Provider for Crossplane.
https://marketplace.upbound.io/providers/upbound/provider-family-azure/
Apache License 2.0

[Bug]: Cannot create container inside blob storage with network rules #808

Open nitang22 opened 2 months ago

nitang22 commented 2 months ago

Is there an existing issue for this?

Affected Resource(s)

No response

Resource MRs required to reproduce the bug

No response

Steps to Reproduce

apiVersion: storage.azure.upbound.io/v1beta2
kind: Account
metadata:
  annotations:
    crossplane.io/external-name: genxp0000001nfs
  name: genx-nfs
spec:
  deletionPolicy: Delete
  forProvider:
    accountKind: BlockBlobStorage
    accountReplicationType: ZRS
    accountTier: Premium
    allowNestedItemsToBePublic: false
    blobProperties: {}
    crossTenantReplicationEnabled: true
    enableHttpsTrafficOnly: true
    infrastructureEncryptionEnabled: true
    isHnsEnabled: true
    localUserEnabled: true
    location: East US
    minTlsVersion: TLS1_2
    networkRules:
      defaultAction: Deny
      ipRules:
      - 
      virtualNetworkSubnetIds:
      - 
      - 
    nfsv3Enabled: true
    publicNetworkAccessEnabled: true
    queueEncryptionKeyType: Service
    resourceGroupName:
    sharedAccessKeyEnabled: true
    tableEncryptionKeyType: Service
  initProvider: {}
  managementPolicies:
  - '*'
  providerConfigRef:
    name: crossplane-azure-provider
---
apiVersion: storage.azure.upbound.io/v1beta1
kind: Container
metadata:
  annotations:
    crossplane.io/external-name: dev-nfs
  name: dev-nfs
spec:
  deletionPolicy: Delete
  forProvider:
    containerAccessType: private
    storageAccountName: genxp0000001nfs
  initProvider: {}
  managementPolicies:
  - '*'
  providerConfigRef:
    name: crossplane-azure-provider

What happened?

Warning  CannotObserveExternalResource  1s (x9 over 8m4s)  managed/storage.azure.upbound.io/v1beta1, kind=container  (combined from similar events): failed to observe the resource: [{0 retrieving Container "dev-nfs" (Account "genxp0000001nfs" / Resource Group "rg-lz-npr-eastus-03"): containers.Client#GetProperties: Failure responding to request: StatusCode=403 -- Original Error: autorest/azure: Service returned an error. Status=403 Code="AuthorizationFailure" Message="This request is not authorized to perform this operation.\nRequestId:c638949e-d01e-0066-181b-fe3a6d000000\nTime:2024-09-03T16:10:04.6926215Z"  []}]

Relevant Error Output Snippet

No response

Crossplane Version

1.5.0

Provider Version

1.5.0

Kubernetes Version

No response

Kubernetes Distribution

No response

Additional Info

No response

nitang22 commented 2 months ago

Is it related to this? https://github.com/hashicorp/terraform-provider-azurerm/issues/2977
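
A pre-flight check for the manifests in this issue, as an added example that is not part of the original report or the provider's code. It assumes the 403 comes from the storage account firewall rejecting the provider's data-plane call (`containers.Client#GetProperties`), and it models only `defaultAction`, `ipRules` and `virtualNetworkSubnetIds`. The function name, the sample addresses and the subnet ID are constructed.

```python
import ipaddress

# Constructed sample mirroring spec.forProvider.networkRules from the Account manifest.
# 203.0.113.0/24 is a documentation range; the subnet ID is a placeholder.
SUBNET = ("/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/example-rg"
          "/providers/Microsoft.Network/virtualNetworks/example-vnet/subnets/example-subnet")
RULES = {
    "defaultAction": "Deny",
    "ipRules": ["203.0.113.0/24"],
    "virtualNetworkSubnetIds": [SUBNET],
}


def data_plane_allowed(network_rules, caller_ip=None, caller_subnet_id=None):
    """Return (allowed, reason) for a data-plane request under networkRules.

    Simplified model (assumption): ignores the bypass setting and private
    endpoints. Azure also documents that ipRules are not applied to callers in
    the same region as the account, so such callers need a subnet rule.
    """
    rules = network_rules or {}
    if rules.get("defaultAction", "Allow") != "Deny":
        return True, "defaultAction is not Deny"

    # Empty list entries (as in the redacted manifest) are skipped.
    subnet_ids = {s.lower() for s in rules.get("virtualNetworkSubnetIds") or [] if s}
    if caller_subnet_id and caller_subnet_id.lower() in subnet_ids:
        return True, "caller subnet is listed in virtualNetworkSubnetIds"

    if caller_ip:
        addr = ipaddress.ip_address(caller_ip)
        for entry in rules.get("ipRules") or []:
            if entry and addr in ipaddress.ip_network(entry, strict=False):
                return True, f"caller IP matches ipRules entry {entry}"

    return False, "defaultAction is Deny and no ipRules or subnet entry matches"


if __name__ == "__main__":
    # Egress IP of the cluster running the provider pod (constructed value).
    for ip in ("203.0.113.10", "198.51.100.7"):
        print(ip, data_plane_allowed(RULES, caller_ip=ip))
```

Run it with the public egress address or the node subnet ID of the cluster that hosts the provider pod; a `False` result means the Container resource's observe call would be rejected by the account's network rules before any RBAC or key check applies.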