Reputation: 364
How to retrieve ACLs from Blob Container
I am using Azure storage .NET SDK for managing Data lake Gen2 storage ACLs. It is working fine for retrieving ACLs from files and directories inside Blob container, but it throws an error for the container itself.
To better illustrate the problem here are my blob containers, the one I am accessing is called data:
When I am retrieving ACLs from, for example, data/MyFolder2 path, the method works fine, but not if I try with data path.
Error that is being thrown:
Service request failed.\r\nStatus: 400 (Value for one of the query parameters specified in the request URI is invalid.)\r\n\r\nHeaders:\r\nServer: Windows-Azure-HDFS/1.0,Microsoft-HTTPAPI/2.0\r\nx-ms-request-id: 89561112-8b6877000000\r\nDate: Wed, 29 Jun 2022 16:42:47 GMT\r\n
This my code:
...
string container = "data";
string folderPath = "MyFolder2";
DataLakeServiceClient dataLakeClient = new DataLakeServiceClient(mySASconnectionString);
DataLakeDirectoryClient dirClient = dataLakeClient.GetFileSystemClient(container).GetDirectoryClient(directoryPath);
Azure.Response<PathAccessControl> accessControlReponse = dirClient.GetAccessControl();
...
I have all permissions required since I am connecting as storage account owner.
Upvotes: 0
Views: 271
Answers (2)
Reputation: 364
The way to retrieve ACls from Blob container (root directory) is to initialize client as shown below:
...
string container = "data";
DataLakeServiceClient dataLakeClient = new DataLakeServiceClient(mySASconnectionString);
DataLakeFileSystemClient fileSystemClient = dataLakeClient.GetFileSystemClient(container);
DataLakePathClient client = new DataLakePathClient(fileSystemClient, "/");
Azure.Response<PathAccessControl> accessControlReponse = client.GetAccessControl();
...
The problem was while looping from target directory to its root, method DataLakePathClient.GetParentDirectoryClient() was returning URI of the root path with the missing '/' which was causing errors.
Upvotes: 0
Reputation: 2739
Make sure to check and validate if your storage account firewall is enabled or not?
If not, Go to storage account ->Networking ->check to allow access to all networks.
Sometimes you get an error if you have metadata file, metadata should not contain special characters or additional space starting of the value and end of the value.
Reference:
End-to-end troubleshooting using Azure Storage metrics
Monitor, diagnose, and troubleshoot Microsoft Azure Storage
Upvotes: 0
Related Questions
- Azure blob storage and container permissions
- How do you grant access to a container using an Access Policy?
- Get shared access signature URI for ALL blobs in an azure blob container?
- Azure Storage : Unable to access Container blobs with defined Credentials
- Get all files from azure blob container using rest API, I am already tried this code but i am facing 403 error
- Changing blob containers access policy on azure
- altering blob container access permissions
- ACL access abilities for Azure Containers and Blobs
- Azure BLOB Shared Access Signature at the BLOB level, not container
- Can't programmatically set permissions to blob container in Azure Storage