-
Notifications
You must be signed in to change notification settings - Fork 330
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
azure_rm_storageaccount allow_blob_public_access won't update when used on new storage account #325
Comments
once the storage account is flipped in the UI to enabled this code works to disable it. |
this change seems to fix it.
|
@jgainey I've got this one. I'm already working on updating this module. The blob public access was some code I added a while back when I was first learning the Azure python SDK and how this collection does things, so I'm cleaning up the Storage account modules and making it work consistently between create and update. |
@jgainey Thank you for reporting this issue, we will review it as soon as possible, thank you! |
@jgainey It should have been fixed, and if the account's allow_blob_public_access=null, it can be updated to allow_blob_public=true or false. Thank you very much! |
Hi! I'm still experiencing this issue (running version 1.3.1). |
@Tailzip |
@Tailzip Thank you for your reply, but I tested this module and when (allow_blob_public_access=null) we can Update the storage account to Update allow_blob_public_access to True or False. I'll check again. Thank you very much! |
@paultaiton Hi, we are experiencing a very similar issue with a new storage account creation but with https_only, I will add detail to this issue soon but I was wondering if you've made progress on this problem as it could be the exact same logic causing the problem. Thanks! |
Well, it fixed it by itself... Haven't updated collection version, but now it works as expected. My guess is that Azure API was updated (or fixed). 🤷♂️ |
@Tailzip You tried with a new storage account ? I insist on "new" because the logic in the update_account is working correctly, the problem is within the create_account, so for us https_only failed when creating the first time but the storage account IS created but without the https_only option, if we run a second time the collection update the storage account with the options that haven't worked the first time.. Thanks |
fixes by #458 |
@arsenicks |
@Tailzip @jgainey @arsenicks |
SUMMARY
on new storage accounts allow_blob_public_access is null and cannot be updated to yes or no using this module
ISSUE TYPE
COMPONENT NAME
azure.azcollection.azure_rm_storageaccount won't perform an update if the allow_blob_public_access is None:
ANSIBLE VERSION
CONFIGURATION
OS / ENVIRONMENT
Linux css-ansapp1-d1 3.10.0-1160.2.2.el7.x86_64 #1 SMP Sat Oct 17 05:06:47 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux
Red Hat Enterprise Linux Server release 7.9 (Maipo)
STEPS TO REPRODUCE
EXPECTED RESULTS
{
"changed": true,
"state": {
"id": "xxxxx",
"name": "xxx",
"location": "northcentralus",
"resource_group": "xxxx",
"type": "Microsoft.Storage/storageAccounts",
"access_tier": null,
"sku_tier": "Standard",
"sku_name": "Standard_LRS",
"provisioning_state": "Succeeded",
"secondary_location": null,
"status_of_primary": "available",
"status_of_secondary": null,
"primary_location": "northcentralus",
"https_only": false,
"minimum_tls_version": null,
"allow_blob_public_access": null,
"network_acls": {
"bypass": "AzureServices",
"default_action": "Allow",
"virtual_network_rules": [],
"ip_rules": []
},
"custom_domain": null,
"primary_endpoints": {
"blob": "https://xxx.blob.core.windows.net/",
"queue": "https://xxx.queue.core.windows.net/",
"table": "https://xxx.table.core.windows.net/"
},
"secondary_endpoints": null,
"tags": {}
},
"invocation": {
"module_args": {
"resource_group": "xxxxx",
"name": "xxxx",
"allow_blob_public_access": false,
"client_id": "VALUE_SPECIFIED_IN_NO_LOG_PARAMETER",
"secret": "VALUE_SPECIFIED_IN_NO_LOG_PARAMETER",
"tenant": "VALUE_SPECIFIED_IN_NO_LOG_PARAMETER",
"subscription_id": "aaaaaaaa-bbbb-xxxx-yyyy-13e62483bb6d",
"auth_source": "auto",
"cloud_environment": "AzureCloud",
"api_profile": "latest",
"append_tags": true,
"state": "present",
"force_delete_nonempty": false,
"kind": "Storage",
"profile": null,
"ad_user": null,
"password": null,
"cert_validation_mode": null,
"adfs_authority_url": null,
"tags": null,
"account_type": null,
"custom_domain": null,
"location": null,
"access_tier": null,
"https_only": null,
"minimum_tls_version": null,
"network_acls": null,
"blob_cors": null
}
},
"_ansible_no_log": false
}
ACTUAL RESULTS
{
"changed": false,
"state": {
"id": "xxxxxx",
"name": "xxxx",
"location": "northcentralus",
"resource_group": "xxxxx",
"type": "Microsoft.Storage/storageAccounts",
"access_tier": null,
"sku_tier": "Standard",
"sku_name": "Standard_LRS",
"provisioning_state": "Succeeded",
"secondary_location": null,
"status_of_primary": "available",
"status_of_secondary": null,
"primary_location": "northcentralus",
"https_only": false,
"minimum_tls_version": null,
"allow_blob_public_access": null,
"network_acls": {
"bypass": "AzureServices",
"default_action": "Allow",
"virtual_network_rules": [],
"ip_rules": []
},
"custom_domain": null,
"primary_endpoints": {
"blob": "https://xxxxx.blob.core.windows.net/",
"queue": "https://xxxx.queue.core.windows.net/",
"table": "https://xxxx.table.core.windows.net/"
},
"secondary_endpoints": null,
"tags": {}
},
"invocation": {
"module_args": {
"resource_group": "xxxxxxx",
"name": "csstestvm3d16800",
"allow_blob_public_access": false,
"client_id": "VALUE_SPECIFIED_IN_NO_LOG_PARAMETER",
"secret": "VALUE_SPECIFIED_IN_NO_LOG_PARAMETER",
"tenant": "VALUE_SPECIFIED_IN_NO_LOG_PARAMETER",
"subscription_id": "aaaaaaaa-bbbb-xxxx-yyyy-13e62483bb6d",
"auth_source": "auto",
"cloud_environment": "AzureCloud",
"api_profile": "latest",
"append_tags": true,
"state": "present",
"force_delete_nonempty": false,
"kind": "Storage",
"profile": null,
"ad_user": null,
"password": null,
"cert_validation_mode": null,
"adfs_authority_url": null,
"tags": null,
"account_type": null,
"custom_domain": null,
"location": null,
"access_tier": null,
"https_only": null,
"minimum_tls_version": null,
"network_acls": null,
"blob_cors": null
}
},
"_ansible_no_log": false
}
The text was updated successfully, but these errors were encountered: