New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
az storage account or-policy create doesn't work #26673
Comments
Hi @JohnnyFasching, 2.45.0 is not the latest Azure CLI(2.49.0). Please upgrade to the latest Azure CLI version by following https://learn.microsoft.com/en-us/cli/azure/update-azure-cli. |
Thank you for opening this issue, we will look into it. |
Hi @JohnnyFasching, the command is missing the |
@calvinhzy I also tried it with the policy-id and still I do not get the error in the console, I only see the error in the Azure logs |
Yes, it is a CLI issue that it only prints out the error with --debug. Can you try it again with --debug and fix the command call accordingly? |
I fixed the command call, and saw that the request was sent, but still the error is {"error":{"code":"ObjectReplicationFailure","message":""OR: policy does not exist on destination account"\nRequestId:a672b414-b004-0004-3f8e-a2c876000000\nTime:2023-06-19T09:12:24.8264201Z"}} |
This is the full debug output, with personal information removed from the output of course. CLI command: cli.knack.cli: Command arguments: ['storage', 'account', 'or-policy', 'create', '--policy-id', '371bbaed-695d-4e14-a526-b1cb084d045b', '-g', 'dev-rg', '--account-name', 'devstacc', '--destination-account', 'devstacc2', '--source-account', 'devstacc', '--destination-container', 'files', '--source-container', 'files', '--rule-id', 'default', '--debug'] cli.azure.cli.core.profiles._shared: Traceback (most recent call last): cli.azure.cli.core.profiles._shared: Traceback (most recent call last): cli.knack.cli: Event: CommandInvoker.OnPostArgumentLoad [] |
Can you try |
Then the error message is: @calvinhzy Have you also tried the command and get the same problems or does this work for you? |
It worked now when setting the policy-id to "default", I used this particular json for the policy creation:
But still the documentation is very misleading and should be extended with those examples |
…nt out error info (Azure#26706)
Describe the bug
When I use the default snipped from the documentation then the command completes but from the blob storage activity log I see the error "OR: policy does not exist on destination account" RequestId:79438c10-9004-0003-4f9c-9ea415000000 Time:2023-06-14T08:46:28.1321224Z"
az storage account or-policy create -g ResourceGroupName -n storageAccountName -d destAccountName -s srcAccountName --destination-container dcont --source-container scont
Related command
az storage account or-policy create -g ResourceGroupName -n storageAccountName -d destAccountName -s srcAccountName --destination-container dcont --source-container scont
Errors
"OR: policy does not exist on destination account" RequestId:79438c10-9004-0003-4f9c-9ea415000000 Time:2023-06-14T08:46:28.1321224Z
Issue script & Debug output
No additional debug output
Expected behavior
I assume that the cli command creates the resources in both blobs and that the command with the json policy definition is also working properly.
Environment Summary
azure-cli 2.45.0 *
core 2.45.0 *
telemetry 1.0.8
Dependencies:
msal 1.20.0
azure-mgmt-resource 21.1.0b1
Python location 'C:\Program Files (x86)\Microsoft SDKs\Azure\CLI2\python.exe'
Extensions directory 'C:\Users\JohannesFasching.azure\cliextensions'
Python (Windows) 3.10.8 (tags/v3.10.8:aaaf517, Oct 11 2022, 16:37:59) [MSC v.1933 32 bit (Intel)]
Additional context
No response
The text was updated successfully, but these errors were encountered: