I have a private storage account with a container. When I upload a blob to the container, I trigger a 'BlobCreated' event with Event Grid, which is then picked up by a function.
The aim of the function is to copy the source blob to another 'backup' storage account.
I am using the new @azure/storage-blob & @azure/identity NodeJS packages.
```javascript
const { BlobServiceClient } = require('@azure/storage-blob');
const { ManagedIdentityCredential } = require('@azure/identity');
```
I create my source and destination blob & container clients, then create the destination container. This all works well:
```javascript
const sourceBlobServiceClient = new BlobServiceClient(
  `https://${sourceAccountName}.blob.core.windows.net`,
  new ManagedIdentityCredential()
);
const destBlobServiceClient = new BlobServiceClient(
  `https://${destinationAccountName}.blob.core.windows.net`,
  new ManagedIdentityCredential()
);
const sourceContainer = sourceBlobServiceClient.getContainerClient(containerName);
const destContainer = destBlobServiceClient.getContainerClient(containerName);
await destContainer.createIfNotExists();
```
Then I get source & destination blob clients and initiate the copy:
```javascript
const sourceBlob = sourceContainer.getBlobClient(blobName);
const destBlob = destContainer.getBlobClient(sourceBlob.name);
const response = await destBlob.beginCopyFromURL(sourceBlob.url);
```
The sourceBlob.url property is correct, and the blob exists in the source directory, but the beginCopyFromURL statement fails with:
```
Result: FailureException: RestError: The specified resource does not exist.
```
I have enabled ManagedIdentity on my function app, and given it Owner & Storage Blob Data Owner on both source & destination storage accounts. It seems like beginCopyFromURL isn't authenticating with the identity, instead trying to access the source blob as public.
Am I missing something, or maybe there's a better way to copy across storage accounts using Node?
Thanks
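An added example, not part of the original post: `beginCopyFromURL` hands the source URL to the destination service, which fetches it itself without the client's credential, so one way to keep the source private is to append a short-lived, read-only user delegation SAS obtained with the managed identity. The helper names `sasWindow`, `sourceUrlWithReadSas` and `backupBlob` are hypothetical, and the sketch assumes the identity's role on the source account allows requesting a user delegation key.

```javascript
// Added example, not the poster's code.
// Short validity window, back-dated 5 minutes to tolerate clock skew.
function sasWindow(now = new Date(), minutes = 15) {
  return {
    startsOn: new Date(now.getTime() - 5 * 60 * 1000),
    expiresOn: new Date(now.getTime() + minutes * 60 * 1000),
  };
}

// Returns the source blob URL with a read-only user delegation SAS appended.
// `sdk` is the @azure/storage-blob module, passed in so it can be stubbed.
async function sourceUrlWithReadSas(sdk, sourceService, containerName, blobName, now) {
  const { startsOn, expiresOn } = sasWindow(now);
  // The key is issued to the calling Azure AD identity (here the managed identity).
  const key = await sourceService.getUserDelegationKey(startsOn, expiresOn);
  const sas = sdk.generateBlobSASQueryParameters(
    {
      containerName,
      blobName,
      permissions: sdk.BlobSASPermissions.parse('r'), // read only, this blob only
      startsOn,
      expiresOn,
      protocol: sdk.SASProtocol.Https,
    },
    key,
    sourceService.accountName
  );
  const blob = sourceService.getContainerClient(containerName).getBlobClient(blobName);
  return `${blob.url}?${sas.toString()}`;
}

// Wiring against the real SDK (needs network access and a managed identity).
async function backupBlob(sourceAccountName, destinationAccountName, containerName, blobName) {
  const sdk = require('@azure/storage-blob');
  const { ManagedIdentityCredential } = require('@azure/identity');
  const credential = new ManagedIdentityCredential();
  const source = new sdk.BlobServiceClient(`https://${sourceAccountName}.blob.core.windows.net`, credential);
  const dest = new sdk.BlobServiceClient(`https://${destinationAccountName}.blob.core.windows.net`, credential);
  const destContainer = dest.getContainerClient(containerName);
  await destContainer.createIfNotExists();
  // Do not log copySource: it grants read access to the blob until expiresOn.
  const copySource = await sourceUrlWithReadSas(sdk, source, containerName, blobName);
  const poller = await destContainer.getBlobClient(blobName).beginCopyFromURL(copySource);
  return poller.pollUntilDone(); // resolves once the server-side copy completes
}
```

The SAS is scoped to one blob, read-only and HTTPS-only, so the source container can stay private while the copy runs.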