You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
I've been experimenting with this project, and rather than provide one of the default keys for the storage account as the connection string, I'd like to provide one with limited permissions. Specifically, I'd like to use a connection string that only allows for access to the specific container where the blob appender will be storing logs.
I can create a connection string from a stored access policy that I create that just provides the required permissions for my target container, but ActivateOptions in the AzureBlobAppender throws an exception due to a 403 returned by the remote service. The problem is due to the call to CreateIfNotExists, which cannot be performed without the ability to create containers.
I don't think that providing the ability to create containers should be necessary for logging into one. Would you consider either removing this call or wrapping it in a try/catch, to prevent failure when this permission is not available?
The text was updated successfully, but these errors were encountered:
I've been experimenting with this project, and rather than provide one of the default keys for the storage account as the connection string, I'd like to provide one with limited permissions. Specifically, I'd like to use a connection string that only allows for access to the specific container where the blob appender will be storing logs.
I can create a connection string from a stored access policy that I create that just provides the required permissions for my target container, but ActivateOptions in the AzureBlobAppender throws an exception due to a 403 returned by the remote service. The problem is due to the call to CreateIfNotExists, which cannot be performed without the ability to create containers.
I don't think that providing the ability to create containers should be necessary for logging into one. Would you consider either removing this call or wrapping it in a try/catch, to prevent failure when this permission is not available?
The text was updated successfully, but these errors were encountered: