Unable to delete Storage Account : Azure - azure

I have a storage account in my Azure sub which I am trying to delete. When I try to do so, it says I have a storage account in my Azure which I cant delete. When I try to delete that it says
Failed to delete storage account <storage acc name>. Error: An operation is currently performing on this storage account that requires exclusive access.
I have tried multiple times, even after waiting, but nothing is working. Any solution?

If you have waited and still facing the issue, you will have to open a support ticket with Azure Support to get it fixed.

Was your storage Account Encrypted?
Was your storage Account used as a VDI Blob storage ?
Thanks and regards,
Abdel

Please try the following:
Login as (or ask your) global admin and attempt to delete the storage account
Unlikely but if the above fails ask Global Administrator add themselves as a Storage Blob Data Owner and then try to delete the Storage Account.
Remove Resource Lock
In my case Microsoft support are attempting to delete the storage account. All other workflows failed. Will post RCA when isolated. Note this is using Professional Direct support contract.
For reference I logged into the Azure portal with an account with no support contract to test your condition. I was able to create a support ticket but with a very limited set of options, under the TECHNICAL heading, only AZURE INFORMATION PROTECTION option was available for example.
My storage account deletion issue has highlighted an error condition exists where a Global Admin user is unable to delete a storage resource containing no data or resource lock. In this case Microsoft are actioning the removal of the problem resource following several weeks of calls , threads and remote sessions.
I suggest you attempt to raise a ticket via any means , highlight your issue and hopefully Microsoft will internally route the issue to the correct department.
Root Cause Analysis
An operation to delete the storage account was never finished Azure side.
Every operation holds a lock on the storage account to prevent conflicts between different operations.
In my case the lock prevented all other operations we performed: deleting, updating, deploying etc.
Microsoft are yet to detect which operation exactly was causing the issue but explained similar issues when another user tried to modify the tag of a storage account with misused escape characters.
In my case its likely that a DevOps pipeline was modifying the storage account, the request to Azure Resource Management(ARM) was somehow incomplete due to, for example, a network fluctuation / transient error.
Resolution
The way to resolve the issue is Microsoft manually reset the status of the lock on the storage account and release the lock form the storage account. Delete operations are then possible. Microsoft are taking steps to improve the process.

Related

How to change where azure storage emulator stores its files

I am attempting to debug an application that is comprised of several microservices. Part of the cross service messaging is carried out by storing information in azure blob storage by one service to be read by the other. For local testing we use Azure storage emulator.
Recently my AD logon had to be recreated by our IT team. My username has gone from , to <myname.COMPANYNAME> and since then Azure storage emulator has failed me.
Attempting to view all local blob storage results in an error "Unable to retrieve child resources." though I can can confirm that each container still exists manually. Hunting online suggests the problem is due to the period in my AD logon name (changing this is non trivial due to it needing to be done by another department)
Unable to retrieve child resources.
Details:
{
"name": "RestError",
"message": "The specifed resource name contains invalid
characters.\nRequestId:b305591f-acf0-4e2e-8cc6-e3305fa18fab\nTime:2021-09-
My current thinking is to try and configure the emulator to not store its files in my user account but I have yet to find anywhere that this can be carried out - the config file mentioned in this question doesn't appear to have what I need.
For this a successful answer would be guidance on how to relocate the storage explorer without IT having to create a new logon, or a workaround that will allow storage explorer and the services to retrieve my various blob stores.
Please check this thread > Azure Storage Emulator store data on specific path - Stack Overflow if it can help related to azure storage emulator.
NOTE:
The Azure Storage Emulator is now deprecated. Microsoft recommends
that you use the Azurite emulator for local development with
Azure Storage Refer
Most cases change in Logon names doesn’t have affect on blob, but maybe in few cases due to name connected permissions or SID.
After changing the username, check if any permissions or roles assigned previously are given to that new one and make sure if DN and SID are not modified, to access resources or check all the configurations that have done previously that depend only on DN. The Storage Emulator supports only a single fixed account and a well-known authentication key.
1.Try to restart the emulator and check whenever tried with new port or any newconfiguration.
See this Thread
The invalid characters in the error in most of the cases happens with container name (all lowercase, no special characters) .
Try to check once and refer below threads for resolution possibilities,if it is container issue.
SO ref1
SO Ref 2
Storage Explorer has several options for how and where it can source the information needed to connect to your proxy. To change which option is being used, go to Settings (gear icon on the left vertical toolbar) > Application > Proxy. Network Connections in Azure Storage Explorer | Microsoft Docs

Azure Data Factory Event Trigger - Storage Account Key in Json?

we have a storage account that is locked down. My pipeline has connections that reference a key vault to get the access token for the storage account.
When I create an event trigger in ADF, ADF lets me find and connect to the storage account (without asking for a key or prompting me to select the linked service connection). It tells me what files it will include based on my begins with and ends with values (it found 2 files). It saves successfully.
When I publish it, I get this error in between publish to adf-publish and generating the arm templates.
The attempt to configure storage notifications for the provided storage account ****failed. Please ensure that your storage account meets the requirements described at https://aka.ms/storageevents. The error is Failed to retrieve credentials for request=RequestUri=https://management.azure.com/subscriptions/********/resourceGroups/<resource group name>/providers/Microsoft.Storage/storageAccounts/<storage account name here to gen 2 data lake>/listAccountSas, Method=POST, response=StatusCode=400, StatusDescription=Bad Request, IsSuccessStatusCode=False, Content=System.Net.HttpWebResponse, responseContent={"error":{"code":"InvalidValuesForRequestParameters","message":"Values for request parameters are invalid: keyToSign."}}
I believe this is due to the fact that ADF trigger creation process (and therefore its JSON) does not allow you to point to a Key Vault to get the access token for the storage account you are connecting to. Is this the issue? Is there a fix for this?
Appreciate any help, thanks - April
I think the storage account is attached to a VNET and running behind the firewall. I faced similar issue because of this. You may remove the firewall once and configure the trigger and then bring the firewall back.
It's not strictly necessary to disable the firewall. You can also use this feature on your storage account.

The storage account for this workspace has been deleted

The storage account for this workspace has been deleted. which I have been using for my Machine Learning Studio. What should I do as when I try to save my experiment it shows that no workspace is found.
See the Image for reference which showing storage account has been deleted
Deepak, this issue maybe related to cache on your browser or a deleted storage account for the workspace.
For scenario one (which you are getting):
After the new Machine Learning workspace is created, you can sign in to Machine Learning Studio by using the Microsoft account you used to create the workspace. If you encounter the error message, “Workspace Not Found” (similar to the following screenshot), please use the following steps to delete your browser cookies. More details can be found here: https://learn.microsoft.com/en-us/azure/machine-learning/studio/troubleshooting-creating-ml-workspace, you can also use in private/incognito mode to confirm.
Scenario 2:
In case if the storage account was deleted, double check in the Storage accounts on the left blade of the azure portal, then select the subscription you created the workspace with, it should list it there, if it is not, then it was indeed deleted. In that case:
"It's not possible to restore a deleted storage account or retrieve any of the content that it contained before deletion. Be sure to back up anything you want to save before you delete the account. This also holds true for any resources in the account—once you delete a blob, table, queue, or file, it is permanently deleted." More details can be found here: https://learn.microsoft.com/en-us/azure/storage/common/storage-create-storage-account

Is there a way to find which user deleted a specific storage account in Azure?

We are using a single Azure subscription for several projects with several users. One of our storage accounts has been deleted recently. Is there a way to find out which user deleted this storage account?
Is there a way to find out which user deleted this storage account?
If the storage account is deleted via Azure Portal (and not the old one), you can to find this information is by going through Activity Logs (formerly known as Audit Logs). These logs include all of the provisioning actions performed via the Azure Resource Manager, in addition to other actions that are related to managing Azure resources (for example, autoscaling).

Azure Storage account consistently only adding Blob storage, missing Table/Queue/Files

Whenever I create a new Storage (classic) account through the Azure portal I consistently have issues whereby the Table/Queue/File storage is not created at all, leaving the account with only Blob storage, like this:
Instead of like this (separate account):
I have tried this multiple times and all have had the same result. I don't see how I can be getting this wrong as there is only 4 options on the form to create the account, and none of them govern the content of the account.
When I then attempt to create a new Table or Queue in this new account I get a 502 Bad Gateway error.
Am I missing something here? Can anyone tell me how I can add the required storage types to the account.
Not sure what's up with the portal, but a storage account always comprises blob, table, queue, and file storage (unless you create a Premium storage account - that's strictly blobs).
You should be able to confirm this by creating an app to, say, create, write, and read from a queue or table.
EDIT I see you edited your question, showing that you did try to create a table/queue. If this is a non-premium account, I suggest reaching out to support, as this makes no sense.
EDIT 4/2017 Aside from Premium storage accounts (which only have page blobs), there is another type of general (non-premium) storage account, specific to blobs only, where you won't be able to create Tables and Queues, but it's not available via the "Classic" deployment model; it's available only via "Resource Manager" deployment model:
In my case the issue was due to selecting Zone Redundant Storage (ZRS).
Since ZRS accounts only support Block Blobs, you will not see the
table, queue or file endpoints listed on the portal for the new
account.
https://blogs.msdn.microsoft.com/windowsazurestorage/2014/08/01/introducing-zone-redundant-storage/
Recreating the storage account using Globaly Redundant Storage (GRS) worked.

Resources