

我正在尝试获取订阅中所有存储帐户的密钥.但是我在使用Azure Java SDK的一个存储帐户上遇到了此异常.

I am trying to get the keys for all the Storage Accounts in my subscription. But I am getting this exception on one of the Storage Account using Azure Java SDK.


For most of the Storage Accounts I manage to get the keys. But for some of them the same error gets repeated. What does this mean?


从遇到的错误中,服务器使用HTTP 403 状态码响应了您的请求,指示您的请求被禁止.

From the error you encountered, the server responded to your requests with HTTP 403 status code indicates that your request is Forbidden by the server.


A server that receives valid credentials that are not adequate to gain access ought to respond with the 403 (Forbidden) status code
(Section 6.5.3 of [RFC7231]).


This is most probably caused by some Role-Based Access Controls that are in place to prevent your account to perform the list storage account key actions for certain storage accounts based on your assigned role.

您可以使用下面的Azure PowerShell cmdlet来验证在特定作用域下分配给特定对象的角色是否有权列出存储帐户密钥.

You can use the Azure PowerShell cmdlet below to verify whether the role assigned to your specific object under the specific scope has the permission to list the storage account keys.

Get-AzureRmRoleAssignment -Scope "/subscriptions/758ad253-#######f07/resourceGroups/spcwestus/providers/Microsoft.Storage/storageAccounts/grsstorag" -ObjectId 5c79ee27-###########-#####91f8e3


More information please refer to the link below:



05-28 21:13