[BUG] Unable to Mount Storage with Disabled Storage Account Key Access #433
Comments
ivanthewebber
added
bug
|
Experienced the same issue 😄 |
|
Due to technical limitations with Azure File Shares, Cloud Shell cannot mount storage if the "Allow storage account key access" is Disabled. The guidance for such scenarios is to use Ephemeral Sessions in Cloud Shell that do not require mounting storage. |
|
Closing as alternative solution is offered (understanding that this does not allow the user to have file persistance) and we are blocked by Azure File Shares support for Managed Identity to allow mounting storage with disabled key access. |
|
Reopening issue - The Cloud Shell team is now committed to support mounting storage in Cloud Shell without Storage Account Key Access needed. We are still blocked by Azure File Shares to support managed identity, but we are working with them on getting this feature built. ETA is Fall this year. |
mbifeld
added
Priority 0
and removed
Triage-needed
For security initiative reasons we would like to disable storage account key access on all our Azure storage accounts, but it seems cloud shell is not compatible with this. Is there any planned work to use managed identity (e.g. Entra ID) instead? If so what would be the ETA? If not is there any workaround?
To Reproduce
Use Azure Cloudshell with existing storage account. Got to portal.azure.com -> storage account -> settings/configuration -> Set "Allow storage account key access" to "Disabled" and save.
Observed Behavior
Expected behavior
Normal working (successful mount).
Is this specific to Cloud Shell?
Yes
Interface information
Accessing Cloud Shell via - https://shell.azure.com, https://portal.azure.com on Windows 11
Additional context
See top.
The text was updated successfully, but these errors were encountered: