locked
Unable to change 'Access Policy' in azure storage's static websites RRS feed

  • Question

  • Hello There,

    First of all, thanks for this useful feature (static website).

    My question is, when I am trying to change the Access policy of Azure storage from "Private" to other "public level access", I am getting "Authorization Failure".

    Just want to know "Is it a bug" or by design?

    Is it possible to change the access level, if yes please guide me in the proper direction.

    Thanks.

    Saturday, December 15, 2018 6:05 AM

Answers

  • Hello Jeethu,

    When I tried to change access policy from private to public in azure portal. It is giving the same error which you have faced. Did you tried using storage explorer? If not, try using Storage explorer and change the access policy at container level as below mentioned and let me know if you need any assistance on this.

    You can configure a container with the following permissions:

    1. No public read access: The container and its blobs can be accessed only by the storage account owner. This is the default for all new containers.
    2. Public read access for blobs only: Blobs within the container can be read by anonymous request, but container data is not available. Anonymous clients cannot enumerate the blobs within the container.
    3. Full public read access: All container and blob data can be read by anonymous request. Clients can enumerate blobs within the container by anonymous request but cannot enumerate containers within the storage account.

    • Marked as answer by JeetuSingh Tuesday, December 18, 2018 8:16 AM
    Monday, December 17, 2018 6:00 AM

All replies

  • Can I expect an answer on this?
    Monday, December 17, 2018 5:26 AM
  • Hello Jeethu,

    When I tried to change access policy from private to public in azure portal. It is giving the same error which you have faced. Did you tried using storage explorer? If not, try using Storage explorer and change the access policy at container level as below mentioned and let me know if you need any assistance on this.

    You can configure a container with the following permissions:

    1. No public read access: The container and its blobs can be accessed only by the storage account owner. This is the default for all new containers.
    2. Public read access for blobs only: Blobs within the container can be read by anonymous request, but container data is not available. Anonymous clients cannot enumerate the blobs within the container.
    3. Full public read access: All container and blob data can be read by anonymous request. Clients can enumerate blobs within the container by anonymous request but cannot enumerate containers within the storage account.

    • Marked as answer by JeetuSingh Tuesday, December 18, 2018 8:16 AM
    Monday, December 17, 2018 6:00 AM
  • Hi,

    I also get the same error as you get. I think it is a bug they need to fix with a proper error message. But $web is always a public anonymous access endpoint. You might not be able to change the access policy of that container.

    When you enable static websites on your storage account, a new web service endpoint is created of the form

    <account-name>.<zone-name>.web.core.windows.net.

    The web service endpoint always allows anonymous read access, returns formatted HTML pages in response to service errors, and allows only object read operations. The web service endpoint returns the index document in the requested directory for both the root and all subdirectories. When the storage service returns a 404 error, the web endpoint returns a custom error document if you configured it.

    Regards,

    Sammani

    Monday, December 17, 2018 6:11 AM
  • @Sammani,

    Thanks for the info.

    @YashwanthM,

    The answer is helpful to me.

    But it will be quite helpful if the same can be done using portal also.

    Thanks

    Tuesday, December 18, 2018 8:16 AM