我无法理解您的要求。请提供需要翻译的具体内容,我会尽力帮助您。

huangapple go评论114阅读模式
英文:

I am not getting any container info from my storage account when using the "get-azstoragecontainer" command powershell

问题

当尝试获取我的存储帐户的容器列表时,我遇到了以下两个错误:

  1. Get-AzStorageContainer : Retry failed after 6 tries. Retry settings can be adjusted in ClientOptions.Retry.

  1. Get-AzStorageContainer : This request is not authorized to perform this operation. RequestId:0000000...

在搜索互联网时,我找到了这篇微软的博客,它基本上说你的存储帐户的网络配置不允许您检索此类信息。

我有一个具有相同网络配置的存储帐户(正常工作,我可以使用相同的命令获取容器列表),所以我将该配置复制/复制到另一个存储帐户(存在问题的存储帐户),但没有起作用。

我在不提供容器列表的存储帐户上进行的配置如下:

  1. 我添加了一个虚拟网络(VNET)并创建了一个专用端点,并配置了方法"Enabled from selected virtual networks and IP addresses",但我仍然遇到了这两个错误之一。

我猜想这与网络配置有关,但我不知道还有什么其他检查项。

这是我能够获取容器列表的存储帐户的配置,它连接到一个带有专用端点的VNET(第一张图片):

我无法理解您的要求。请提供需要翻译的具体内容,我会尽力帮助您。

第二张图片显示的是我无法获取容器列表的存储帐户的网络配置:

我无法理解您的要求。请提供需要翻译的具体内容,我会尽力帮助您。

英文:

when try to get the containers list of my storage account I am getting these 2 errors
Get-AzStorageContainer : Retry failed after 6 tries. Retry settings can be adjusted in ClientOptions.Retry.

or
Get-AzStorageContainer : This request is not authorized to perform this operation.
RequestId:0000000...

when searching over the internet I found this Microsoft's blog

it basically says your network configuration on the storage account is not allowing you to retrieve such information.

I have 1 storage account with the same network configuration (t6hat is working fine and that I can get the list of containers using the same command) so I copied/replicated that config on a different storage account (which is having the issues) but did not work.

The config I did on the storage account not giving me the list of containers is :

  1. I added a VNET and created a private endpoint and configured the method "Enabled from selected virtual networks and IP addresses" but I am still getting one of those 2 errors

I am guessing is something related to the network config but I don't know what else to check.

this is the config of one of the storage accounts I am able to get the list of containers it is connected to a VNET with a private endpoint created (1st image)
我无法理解您的要求。请提供需要翻译的具体内容,我会尽力帮助您。

the second image is to show the network config of the storage account I am not able to get the list of containers

我无法理解您的要求。请提供需要翻译的具体内容,我会尽力帮助您。

答案1

得分: 1

已创建存储帐户并启用了所选虚拟网络和 IP 地址:

我无法理解您的要求。请提供需要翻译的具体内容,我会尽力帮助您。

在虚拟网络内的存储帐户中创建了私有终结点:

我无法理解您的要求。请提供需要翻译的具体内容,我会尽力帮助您。

当我尝试获取与私有终结点连接的容器列表时,出现了相同的错误:

Get-AzStorageContainer此请求未获得授权执行此操作请求标识0000000...

我无法理解您的要求。请提供需要翻译的具体内容,我会尽力帮助您。

要解决此问题,请执行以下步骤:

确保在防火墙设置中将客户端 IP 地址添加为允许从互联网或本地网络访问的地址。这些规则允许访问特定的基于互联网的服务和本地网络,并阻止一般的互联网流量,以便存储帐户检索容器列表:

我无法理解您的要求。请提供需要翻译的具体内容,我会尽力帮助您。

  • 检查与私有终结点连接的子网关联的任何网络安全组 (NSG)。即使私有终结点已正确配置,NSG 可能会阻止与存储帐户之间的流量。确保 NSG 规则允许与存储帐户之间的流量。
  • 检查是否已为存储帐户添加了 RBAC 角色 "Storage Blob 数据贡献者",这应该为列出容器提供了必要的权限。

现在,在添加客户端 IP 后,使用以下命令获取容器列表:

$resourceGroupName="RGName"
$storageAccName="StorageName"

#Function to get all the containers    
Function GetAllStorageContainer    
{    
    Write-Host -ForegroundColor Green "Retrieving storage container.."        
    ## Get the storage account from which container has to be retrieved    
    $storageAcc=Get-AzStorageAccount -ResourceGroupName $resourceGroupName -Name $storageAccName        
    ## Get the storage account context    
    $ctx=$storageAcc.Context    
    ## List all the containers    
    $containers=Get-AzStorageContainer  -Context $ctx     
    foreach($container in $containers)    
    {    
        write-host -ForegroundColor Yellow $container.Name    
    }    
}     
    
GetAllStorageContainer  

我无法理解您的要求。请提供需要翻译的具体内容,我会尽力帮助您。

英文:

Created storage account and enabled from selected virtual networks and IP addresses:

我无法理解您的要求。请提供需要翻译的具体内容,我会尽力帮助您。

Created private endpoint in storage account within the virtual network:

我无法理解您的要求。请提供需要翻译的具体内容,我会尽力帮助您。

when I tried to get the list of containers it is connected to a VNET with a private endpoint and got the same error:

Get-AzStorageContainer : This request is not authorized to perform this operation. RequestId:0000000...

我无法理解您的要求。请提供需要翻译的具体内容,我会尽力帮助您。

To resolve this issue, check the below steps:

Ensure that in firewall settings add the client IP addresses to allow access from the internet or on-premises network. These rules grant access to specific internet-based services and on-premises networks and block general internet traffic and allow your storage account to retrieve the container list:

我无法理解您的要求。请提供需要翻译的具体内容,我会尽力帮助您。

  • Check any NSGs associated with the subnet that the private endpoint is connected to. NSGs can block traffic to and from the storage account, even if the private endpoint is configured correctly. Make sure that the NSG rules allow traffic to and from the storage account.
  • Check you have added RBAC role Storage blob data contributor for your storage account which should provide the necessary permissions to list containers.

Now, after adding client IP make use of below command to get the list of containers:

$resourceGroupName= "RGName"    
$storageAccName="StorageName"    

#Function to get all the containers    
Function GetAllStorageContainer    
{    
    Write-Host -ForegroundColor Green "Retrieving storage container.."        
    ## Get the storage account from which container has to be retrieved    
    $storageAcc=Get-AzStorageAccount -ResourceGroupName $resourceGroupName -Name $storageAccName        
    ## Get the storage account context    
    $ctx=$storageAcc.Context    
    ## List all the containers    
    $containers=Get-AzStorageContainer  -Context $ctx     
    foreach($container in $containers)    
    {    
        write-host -ForegroundColor Yellow $container.Name    
    }    
}     
    
GetAllStorageContainer  

我无法理解您的要求。请提供需要翻译的具体内容,我会尽力帮助您。

huangapple
  • 本文由 发表于 2023年8月5日 03:12:20
  • 转载请务必保留本文链接:https://go.coder-hub.com/76838627.html
匿名

发表评论

匿名网友

:?: :razz: :sad: :evil: :!: :smile: :oops: :grin: :eek: :shock: :???: :cool: :lol: :mad: :twisted: :roll: :wink: :idea: :arrow: :neutral: :cry: :mrgreen:

确定