API 连接失败 'Forbidden'
API Connection is failing with 'Forbidden'
我在 ISE 中有一个逻辑应用程序,它使用 API 连接写入我的存储帐户。 ISE 和存储帐户都在同一个私有 VNet 中,我的存储帐户为 ISE 的每个子网启用了防火墙规则。即便如此,对逻辑应用程序的所有请求都无法写入 blob 存储,并出现错误:
{
"status": 403,
"message": "This request is not authorized to perform this operation.\r\nclientRequestId: ...",
"error": {
"message": "This request is not authorized to perform this operation."
},
"source": "azureblob-cus.azconn-cus.p.azurewebsites.net"
}
如果我禁用 blob 存储防火墙规则,它可以写入存储帐户。为什么我的逻辑应用程序(在为存储帐户配置了防火墙规则的 ISE 内)不能写入我的存储帐户?
我明白了。我是针对公开可用的 blob 存储服务而不是 ISE 内的托管连接器创建 API 连接。而不是
{
"type": "Microsoft.Web/connections",
"apiVersion": "2016-06-01",
"location": "[resourceGroup().location]",
"name": "[parameters('BackupStorageAccountName')]",
"properties": {
...
"api": {
"id": "[concat('/subscriptions/', subscription().subscriptionId, '/providers/Microsoft.Web/locations/', resourceGroup().location, '/managedApis/azureblob')]"
}
}
}
我需要
{
"type": "Microsoft.Web/connections",
"apiVersion": "2016-06-01",
"location": "[resourceGroup().location]",
"name": "[parameters('BackupStorageAccountName')]",
"properties": {
...
"api": {
"id": "[concat('/subscriptions/', subscription().subscriptionId, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Logic/integrationServiceEnvironments/', parameters('iseName'), '/managedApis/azureblob')]"
}
}
}
我在 ISE 中有一个逻辑应用程序,它使用 API 连接写入我的存储帐户。 ISE 和存储帐户都在同一个私有 VNet 中,我的存储帐户为 ISE 的每个子网启用了防火墙规则。即便如此,对逻辑应用程序的所有请求都无法写入 blob 存储,并出现错误:
{
"status": 403,
"message": "This request is not authorized to perform this operation.\r\nclientRequestId: ...",
"error": {
"message": "This request is not authorized to perform this operation."
},
"source": "azureblob-cus.azconn-cus.p.azurewebsites.net"
}
如果我禁用 blob 存储防火墙规则,它可以写入存储帐户。为什么我的逻辑应用程序(在为存储帐户配置了防火墙规则的 ISE 内)不能写入我的存储帐户?
我明白了。我是针对公开可用的 blob 存储服务而不是 ISE 内的托管连接器创建 API 连接。而不是
{
"type": "Microsoft.Web/connections",
"apiVersion": "2016-06-01",
"location": "[resourceGroup().location]",
"name": "[parameters('BackupStorageAccountName')]",
"properties": {
...
"api": {
"id": "[concat('/subscriptions/', subscription().subscriptionId, '/providers/Microsoft.Web/locations/', resourceGroup().location, '/managedApis/azureblob')]"
}
}
}
我需要
{
"type": "Microsoft.Web/connections",
"apiVersion": "2016-06-01",
"location": "[resourceGroup().location]",
"name": "[parameters('BackupStorageAccountName')]",
"properties": {
...
"api": {
"id": "[concat('/subscriptions/', subscription().subscriptionId, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Logic/integrationServiceEnvironments/', parameters('iseName'), '/managedApis/azureblob')]"
}
}
}