I am attempting to copy a blob from one uri to another (both within the same storage account), both have a SAS Token for the credentials. This works fine with a SAS Token that doesn't have an IP restriction but fails when then source blob SAS token is IP restricted.
Note: It is not failing because I have got the IP wrong, other blob functions work i.e. list, delete, upload etc.
Example code:
Uri sourceBlobUri = new Uri("https://mystorage.blob.core.windows.net/a-container/a.json");
Uri targetBlobUri = new Uri("https://mystorage.blob.core.windows.net/a-container-archive/a.json");
var prodTokenSource = @"A_SAS_TOKEN_WITH_A_IP_RESTRICTION";
var prodTokenArchive = @"A_SAS_TOKEN_WITH_A_IP_RESTRICTION";
StorageCredentials sourceCredentials = new StorageCredentials(prodTokenSource);
StorageCredentials targetCredentials = new StorageCredentials(prodTokenArchive);
CloudBlockBlob sourceBlob = new CloudBlockBlob(sourceBlobUri, sourceCredentials);
CloudBlockBlob targetBlob = new CloudBlockBlob(targetBlobUri, targetCredentials);
await targetBlob.StartCopyAsync(sourceBlob); //Fails 403 error
One guess is that the copy request is originating from within Azure so the IP address is blocked? Should I configure the source SAS Token to accept an IP range from within Azure? Is there another way to copy blobs that allows use of SAS Tokens?
